Bug 6737 - Disabling all related rules does not disable the queries for network tests
Summary: Disabling all related rules does not disable the queries for network tests
Status: NEW
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: spamassassin (show other bugs)
Version: SVN Trunk (Latest Devel Version)
Hardware: All All
: P2 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-27 18:53 UTC by Darxus
Modified: 2011-12-28 18:55 UTC (History)
3 users (show)



Attachment Type Modified Status Actions Submitter/CLA Status

Note You need to log in before you can comment on or make changes to this bug.
Description Darxus 2011-12-27 18:53:50 UTC
For example, if you disable all the dnswl tests with:

score RCVD_IN_DNSWL_NONE 0
score RCVD_IN_DNSWL_LOW 0
score RCVD_IN_DNSWL_MED 0
score RCVD_IN_DNSWL_HI 0
score RCVD_IN_DNSWL_BLOCKED 0

You'll still send all the associated DNS queries if you don't use one of:

score __RCVD_IN_DNSWL 0 # recommended by http://wiki.apache.org/spamassassin/DnsBlocklists (John Hardin?)
meta __RCVD_IN_DNSWL 0 # recommended by Karsten Bräckelmann

This results in the possibility of sites disabling the rules while still sending large numbers of network queries.
Comment 1 John Hardin 2011-12-28 15:28:28 UTC
(In reply to comment #0)

> score __RCVD_IN_DNSWL 0 # recommended by
> http://wiki.apache.org/spamassassin/DnsBlocklists (John Hardin?)

Disbling DNSWL does not explicitly appear in the wiki, though it can be inferred from what is in the wiki. The info on disabling rules was added by Matt Kettler in 2009.

My edits to the disabling section were only to correct formatting errors.
Comment 2 Darxus 2011-12-28 15:52:58 UTC
(In reply to comment #1)
> Disbling DNSWL does not explicitly appear in the wiki, though it can be
> inferred from what is in the wiki. The info on disabling rules was added by
> Matt Kettler in 2009.
> 
> My edits to the disabling section were only to correct formatting errors.

Wow, wrapping text in triple curly braces strips off the leading "__", which is the change I was looking for in the history.  Thanks for the clarification.
Comment 3 Darxus 2011-12-28 15:55:22 UTC
If we do "score __RCVD_IN_DNSWL 0" or "meta __RCVD_IN_DNSWL 0", is it still necessary to 0 out the rest of the rules?
Comment 4 Kevin A. McGrail 2011-12-28 18:49:53 UTC
(In reply to comment #3)
> If we do "score __RCVD_IN_DNSWL 0" or "meta __RCVD_IN_DNSWL 0", is it still
> necessary to 0 out the rest of the rules?

I think we've had two differing goals:

1 is to stop queries.

2 is to stop scores.

Likely you have to do all of them including the meta rule to make sure that no queries are sent.  

There also seem to be a number of ways to disable things and some may have larger reaching implications than originally intended.
Comment 5 Darxus 2011-12-28 18:55:19 UTC
I verified that "score __RCVD_IN_DNSWL 0" or "meta __RCVD_IN_DNSWL 0" will both disable the dnswl tests.  So as far as I can tell it's never necessary to do the rest of these:

score RCVD_IN_DNSWL_NONE 0
score RCVD_IN_DNSWL_LOW 0
score RCVD_IN_DNSWL_MED 0
score RCVD_IN_DNSWL_HI 0
score RCVD_IN_DNSWL_BLOCKED 0

Anybody know of a reason we shouldn't stop telling people to set the scores for all rules to 0, and just tell them to set the score of the eval rule to 0 or do the meta 0 thing?