From: Thomas E. <Tho...@th...> - 2010-09-22 17:56:18
|
Hi all, fixed in 2.0.2_1.2.14 - the HTML-source code of the Blockreports is redesigned - hope this helps to solve the problems - the fix in 2.0.2_1.2.13 for the RBL response of ' blackholes.five-ten-sg.com ' was incomplete changed: - the resonse '127.0.x.0' (trust = 0) of 'list.dnswl.org' for RWL leads no more in to RWL=OK Thomas DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* |
From: Scott M. <as...@ho...> - 2010-09-25 13:40:07
|
Thomas, Where services such as multi.surbl.org return a bitmapped response, such as: 2 = comes from sc.surbl.org 4 = comes from ws.surbl.org 8 = comes from phishing data source (labelled as [ph] in multi) 16 = comes from ob.surbl.org 32 = comes from ab.surbl.org 64 = comes from jp data source (labelled as [jp] in multi) And the response could be: 127.0.0.22, which indicates hits on the sc., ws. and ob. (2+4+16), what do you recommend the best way to set up monitoring? I suppose we could do 127 entries: multi.surbl.org=>127.0.0.1=>5 multi.surbl.org=>127.0.0.2=>4 multi.surbl.org=>127.0.0.3=>4 multi.surbl.org=>127.0.0.4=>4 multi.surbl.org=>127.0.0.5=>3 ...and so on, but that seems quite inefficient. Do you have any better suggestions? |
From: Thomas E. <Tho...@th...> - 2010-09-25 14:19:36
|
>...and so on, but that seems quite inefficient. Do you have any better suggestions? I was waiting for this question since some days. set as many defaults as possible using * and ? as wildcards multi.surbl.org=>*=>6 set some exceptions from that multi.surbl.org=>127.0.0.32=>4 multi.surbl.org=>127.0.0.33=>4 multi.surbl.org=>127.0.0.34=>4 multi.surbl.org=>127.0.0.35=>4 multi.surbl.org=>127.0.0.36=>4 multi.surbl.org=>127.0.0.37=>4 multi.surbl.org=>127.0.0.38=>4 multi.surbl.org=>127.0.0.39=>4 multi.surbl.org=>127.0.0.4?=>4 multi.surbl.org=>127.0.0.5?=>4 multi.surbl.org=>127.0.0.60=>4 multi.surbl.org=>127.0.0.61=>4 multi.surbl.org=>127.0.0.62=>4 multi.surbl.org=>127.0.0.63=>4 or set multi.surbl.org=>*=>5 and increase or decrease the weigth for 'ws.surbl.org' by ws.surbl.org=>*=>-10 There are many ways to do this . This interface is very opened - and this is what it should be. It can handle any possible return code - and yes if you want to use it extensive, it will take a while to configure it. I think with some lines in Perl, you can build this list very easy for all 127 cases. Thomas Von: Scott MacLean <as...@ho...> An: ASSP development mailing list <ass...@li...> Datum: 25.09.2010 15:41 Betreff: [Assp-test] multi.surbl.org Thomas, Where services such as multi.surbl.org return a bitmapped response, such as: 2 = comes from sc.surbl.org 4 = comes from ws.surbl.org 8 = comes from phishing data source (labelled as [ph] in multi) 16 = comes from ob.surbl.org 32 = comes from ab.surbl.org 64 = comes from jp data source (labelled as [jp] in multi) And the response could be: 127.0.0.22, which indicates hits on the sc., ws. and ob. (2+4+16), what do you recommend the best way to set up monitoring? I suppose we could do 127 entries: multi.surbl.org=>127.0.0.1=>5 multi.surbl.org=>127.0.0.2=>4 multi.surbl.org=>127.0.0.3=>4 multi.surbl.org=>127.0.0.4=>4 multi.surbl.org=>127.0.0.5=>3 ...and so on, but that seems quite inefficient. Do you have any better suggestions? ------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev _______________________________________________ Assp-test mailing list Ass...@li... https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* |