Menu
▾
▴
[Assp-test] Proposal for DNSBL refinement
|
From: Micheal E. Jr <mi...@es...> - 2008-10-10 20:27:33
|
Sorry if this has been discussed before - but I have no knowledge of it. My proposal, based on years of using DNSBLs and seeing other around me flounder in their use, is for ASSP to use a weighted /scored system for DNS matches. I think its great that ASSP can block on multiple DNSBL matches. This is a great feature to help prevent false positive matches. But I think it would be more appropriate if each DNSBL could be assigned a weight or score -and that the scores of those matches could be summed/calculated to base a block on. For instance: I block on multiple matches, but increasingly in recent months have found many instances where, for example, zen.spamhaus.org is the only DNSBL I am using that is returning a positive match. So I get a DNSBL Neutral result in ASSP and a Message Score added to the session analysis. This would be fine if these messages didn't sneak past under the Message Score limit - but they do, which is why I am writing this. :-) What I would like to see, is a weighted DNSBL system were we can assign higher values to confident DNSBLs, like Spamhaus's Zen, and lower values to riskier/aggressive DNSBLs, like SpamCop, UCE Protect, etc. Maybe a value system similar to how the DNSBLs themselves are used. let the admin define a max value, and a threshold to reach for a positive block situation. In the DNSBL list/file, append each listing with a comma and a number, like in this example which would use a 3 point threshold: RBLServiceProvider.txt ---------- zen.spamhaus.org,3# Spamhaus ZEN combined.njabl.org,3# Not Just Another Bogus List Combined list.dsbl.org,3# Distributed Sender Blackhole List ix.dnsbl.manitu.net,3# iX NiX SPAM psbl.surriel.com,2# Passive Spam Block List dnsbl.sorbs.net,1# Spam and Open Relay Blocking System DNS-based Block List bl.spamcop.net,1# SpamCop Blocking List dnsbl-1.uceprotect.net,1# Unsolicited Commercial E-mail Level-1 dnsbl-2.uceprotect.net,1# Unsolicited Commercial E-mail Level-2 ---------- Any thoughts? |
