From Matus UHLAR - fantomas <>
Subject Re: TTL and DNSBLs (was Re: Why run your own DNS server?)
Date Thu, 07 Jul 2011 14:10:36 GMT
>On Thu, 7 Jul 2011 14:39:48 +0200
>Matus UHLAR - fantomas <> wrote:
>> And in case of repeating the same IP's (which happens especially with
>> remote mailservers) the negative cache helps much.

On 07.07.11 09:09, David F. Skoll wrote:
>No, it does not.  I have run experiments on real mail servers.  I'm not
>just making this up.  If you like, I can send you my log analysis code
>so you can run the same experiments on your own mail servers.

Is the memory for your nameserver limited or not? Does it only 
expire RRs when they time out?

What logs did you process? Do you log responses with information on 
whether they came out of the cache?

>> In fact, I think that DNSBL's operators should provide the same TTL
>> for both positive and negative answers, that can be even as big as
>> 12-24h for dynamic/policy block lists.

>As I mentioned, it's not in their interests to do that (if they sell access
>to heavy users.)  Additionally, though I haven't experimented very extensively,
>my tests show that cache effectiveness is not very sensitive to TTL.  Real
>mail servers tend to be hit by a *lot* of different IP addresses, many of which
>don't repeat for hours (if ever).

Well, connections to our mailservers _do_ repeat, especially for 
servers like Google, Facebook or similar services. Of course, there ARE 
bots, zombies and drones from the internet that do not reconnect to our 
servers, but there are many that do.

However, I did not measure statistical effectiveness. OTOH, it's good when 
we have a cached result for Google servers and not for drones... :)
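
The disagreement above (does the negative-cache TTL matter for a mail server whose clients partly repeat?) can be checked with a small simulation. This is an added example, not code from the thread or from either poster's log analysis; the connection log, the listed set and the TTL values are constructed, and a real resolver takes the negative TTL from the zone's SOA minimum (RFC 2308) rather than from a parameter.

```python
"""Simulate DNSBL lookup caching for a stream of connecting client IPs.

Toy model of a caching resolver in front of a DNSBL: each answer stays
cached until its TTL expires, listed IPs get the positive TTL and unlisted
IPs get the negative TTL. Counting cache hits against queries for the same
connection stream under different TTLs shows how much the negative TTL
matters when some senders reconnect.
"""
from collections import namedtuple

Connection = namedtuple("Connection", "ts ip")

# Constructed sample log (timestamps in seconds, documentation-range IPs):
# two "big sender" IPs reconnect several times, two "drone" IPs connect once.
SAMPLE_LOG = [
    Connection(0, "192.0.2.10"), Connection(30, "192.0.2.11"),
    Connection(600, "192.0.2.10"), Connection(900, "198.51.100.7"),
    Connection(1200, "192.0.2.10"), Connection(3000, "192.0.2.11"),
    Connection(4000, "203.0.113.5"), Connection(8000, "192.0.2.10"),
]
# Constructed: IPs the DNSBL would answer positively (listed).
LISTED = frozenset({"198.51.100.7", "203.0.113.5"})


def simulate(log, positive_ttl, negative_ttl, listed=LISTED):
    """Return (cache_hits, dnsbl_queries) for one pass over the log."""
    cache = {}  # ip -> expiry timestamp of the cached answer
    hits = queries = 0
    for conn in log:
        expiry = cache.get(conn.ip)
        if expiry is not None and conn.ts < expiry:
            hits += 1          # answered from cache, no DNSBL query
            continue
        queries += 1           # miss or expired: ask the DNSBL
        ttl = positive_ttl if conn.ip in listed else negative_ttl
        cache[conn.ip] = conn.ts + ttl
    return hits, queries


if __name__ == "__main__":
    # Same positive TTL, short vs. long negative TTL.
    for neg_ttl in (300, 3600):
        hits, queries = simulate(SAMPLE_LOG, 3600, neg_ttl)
        print(f"negative TTL {neg_ttl:>5}s: {hits} hits, {queries} queries")
```

With a 300 s negative TTL every connection in the sample goes to the DNSBL; with a one-hour negative TTL three of the eight are served from cache, so the effect depends entirely on how many clients reconnect within the TTL.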

