search

spamhaus / spamassassin-dqs

Spamhaus code for the Spamassassin plugin. See https://docs.spamhaustech.com/40-real-world-usage/SpamAssassin/000-intro.html
Apache License 2.0
54 stars 16 forks source link

pbl not lastexternal ? #18

Closed xpunkt closed 4 years ago

xpunkt commented 4 years ago

https://github.com/spamhaus/spamassassin-dqs/blob/master/sh.cf#L35 http://svn.apache.org/viewvc/spamassassin/trunk/rules/20_dnsbl_tests.cf?view=markup#l124

ricalfieri commented 4 years ago

PBL is part of ZEN, and is then included in RCVD_IN_ZEn_LASTEXTERNAL

https://github.com/spamhaus/spamassassin-dqs/blob/d543bc41aefa8a061482f316597c5c55ff2ac1d9/sh.cf#L14

xpunkt commented 4 years ago

there is diffrence in core spamassassin rule and dqs rule ?

i report since i see postfixmaillist hit pbl, and i have all maillist trusted_networks, my own faults ?

ricalfieri commented 4 years ago

PBL should never be used in deep received chain scanning. As it is a policy blocklist, and often maintained by ISP themselves, it's meant to be a list of IPs to never accept direct emails from. Obviously it is perfectly normal to have PBL hit on deep chain inspection, as many home users would have their IP listed here. But in this case no score at all should be assigned to PBL, because the home user would have used a legitimate mailserver to send their email. This is the reason we use ZEN for -lastexternal checking, and rescored RCVD_IN_PBL to 0.001

xpunkt commented 4 years ago

this is a workaround that it only scores 0.001, i would like to make it score 100, but not hit deep checking, and my point is that core spamassassin have another rule then dqs

i started this ticket with excact lines in both to show the diffrence

only check_rbl_sub is using lastexternal from cache, check_rbl is not using cache results

ricalfieri commented 4 years ago

Yeah we redefined the score.

From our point of view, it doesn't make sense to check PBL in lastexternal, because it's already in ZEN. Of course you can have a particular use case, but our goal is to provide a drop-in addon for SpamAssassin to make it use DQS at best

We kept RCVD_IN_PBL because in some SA versions (can't remember which one) even if you score the rule at 0 it would still make the lookup (observed with debugging).

I trust that more advanced SA users like yourself can easily overcome this little inconvenience. As I said, this plugin is aimed to reach a broad audience that may be not very experienced with SA.