spamassassin-users mailing list archives

From John Hardin <jhar...@impsec.org>
Subject Re: IADB whitelist - again
Date Thu, 01 Mar 2018 19:04:11 GMT
On Thu, 1 Mar 2018, Sebastian Arcus wrote:

> I know I have brought up this issue on this list before, and sorry for the 
> persistence, but having 7 different rules adding scores for the IADB 
> whitelist still seems either ridiculous, or outright suspect:
>
> -0.2 RCVD_IN_IADB_RDNS      RBL: IADB: Sender has reverse DNS record
>                             [199.127.240.84 listed in iadb.isipp.com]
> -0.1 RCVD_IN_IADB_SPF       RBL: IADB: Sender publishes SPF record
> -0.1 RCVD_IN_IADB_OPTIN     RBL: IADB: All mailing list mail is opt-in
> -0.0 RCVD_IN_IADB_SENDERID  RBL: IADB: Sender publishes Sender ID record
> -0.0 RCVD_IN_IADB_LISTED    RBL: Participates in the IADB system
> -0.1 RCVD_IN_IADB_DK        RBL: IADB: Sender publishes Domain Keys record
> -0.1 RCVD_IN_IADB_VOUCHED   RBL: ISIPP IADB lists as vouched-for sender
>
>
> It really raises some very uncomfortable questions regarding the impartiality 
> of SA and/or its anti-spam capabilities. And by the way, this message is 
> definitely unsolicited, and in no way we gave any sort of permission or 
> consent to this company or its "affiliates" to email us - so the whole "All 
> mailing list mail is opt-in" is nonsense.
>
> And why have "Sender has reverse DNS record" and "Sender publishes SPF 
> record" as separate IADB rules - when SA itself already checks for these? 
> Isn't this just a glaring way of pumping up SA scores for the IADB 
> subscribers?

Don't assume malice right off the bat. More likely it is that IADB 
provides all those status codes and SA exposes a rule for each, with 
minimal scores, to allow local tuning if desired.

Also, there is RCVD_IN_IADB_DOPTIN, so RCVD_IN_IADB_OPTIN may be "someone 
somehow gave us your name somewhere" (i.e. "single opt-in") rather than 
"we confirmed you actually want to receive our garbage" ("double opt-in").

The scores appear hardcoded (50_scores.cf) vs. from masscheck 
(72_scores.cf) so they may be *very* stale.


-- 
  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
   ...to announce there must be no criticism of the President or to
   stand by the President right or wrong is not only unpatriotic and
   servile, but is morally treasonous to the American public.
                                           -- Theodore Roosevelt, 1918
-----------------------------------------------------------------------
  12 days until Albert Einstein's 139th Birthday
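
The following is an added example, not part of the original message and not SpamAssassin code: a Python script that parses report lines in the format quoted above, totals what the IADB rule family contributes as a whole, and emits `score` lines for the local tuning the reply mentions. The function names and the extra LOCAL_EXAMPLE_RULE line are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: the report lines quoted in the message, plus one
# hypothetical non-IADB rule (LOCAL_EXAMPLE_RULE) for contrast.
SAMPLE_REPORT = """\
-0.2 RCVD_IN_IADB_RDNS      RBL: IADB: Sender has reverse DNS record
                            [199.127.240.84 listed in iadb.isipp.com]
-0.1 RCVD_IN_IADB_SPF       RBL: IADB: Sender publishes SPF record
-0.1 RCVD_IN_IADB_OPTIN     RBL: IADB: All mailing list mail is opt-in
-0.0 RCVD_IN_IADB_SENDERID  RBL: IADB: Sender publishes Sender ID record
-0.0 RCVD_IN_IADB_LISTED    RBL: Participates in the IADB system
-0.1 RCVD_IN_IADB_DK        RBL: IADB: Sender publishes Domain Keys record
-0.1 RCVD_IN_IADB_VOUCHED   RBL: ISIPP IADB lists as vouched-for sender
 1.5 LOCAL_EXAMPLE_RULE     Hypothetical local rule, not a real SA rule
"""

# One hit per line: score, rule name, description.
HIT = re.compile(r"^\s*(-?\d+(?:\.\d+)?)\s+([A-Z][A-Z0-9_]*)\s+(.*)$")

def parse_hits(report):
    """Return (score, rule, description) tuples; lines without a leading
    score are folded into the previous hit's description."""
    hits = []
    for line in report.splitlines():
        m = HIT.match(line)
        if m:
            hits.append([float(m.group(1)), m.group(2), m.group(3).strip()])
        elif line.strip() and hits:
            hits[-1][2] += " " + line.strip()
    return [tuple(h) for h in hits]

def family_totals(hits, parts=3):
    """Sum scores per rule family (first `parts` underscore-separated words)."""
    totals = defaultdict(float)
    for score, rule, _ in hits:
        totals["_".join(rule.split("_")[:parts])] += score
    return {family: round(total, 3) for family, total in totals.items()}

def local_overrides(hits, family, new_score=0):
    """Build `score` lines that set every hit rule in `family` to new_score."""
    return [f"score {rule} {new_score}"
            for _, rule, _ in hits if rule.startswith(family + "_")]

if __name__ == "__main__":
    hits = parse_hits(SAMPLE_REPORT)
    print(family_totals(hits))
    print("\n".join(local_overrides(hits, "RCVD_IN_IADB")))
```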
