spamassassin-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 6724] DNS Blacklistsreturning purposefully wrong answers as part of Anti-Abuse / Free for Some Policies
Date Tue, 13 Dec 2011 21:46:12 GMT

--- Comment #20 from Kevin A. McGrail <> 2011-12-13 21:46:12 UTC ---
(In reply to comment #19)
> "... hold off on subsequent DNSBL queries for 1 hour."
> I just made a suggestion to the authors of the above cited draft, and in my
> suggestion, I indicated that perhaps queries to the offending DNS-based list be
> disabled until reconfiguration or manual restart without a time limit.  We
> don't know what time quantum the list maintainer may hae selected over which to
> determine excessive queries or even if such is a constant (vs. lengthened
> periods for each time a query source is blocked, including "permanently"). 
> Although one hour may be reasonable for a "first" test after detecting a
> problem, maybe subsequent retries after continued failure should be much later.
>  In that respect, I suggest starting with 1 hour, but then add half the time
> for each subsequent failure, producing a series:  1, 1.5, 2.25, 3.375, 5.0625,
> ....

I like the exponential delay but something like 5% extra instead of 50% might
be better.  Otherwise in just one day, you are going to have massive retry

Plus 1 query per hour = 24 queries a day versus over 100K per day.  I think 1
per hour is going to be a really good number to start with and won't need much

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

View raw message