On Thu, 29 May 2003, William Thompson wrote:
> All 14 values? What if they added more? Wouldn't that be annoying.
As I said, our own mailer blocks on all of the RBL+ values - and more;
so this discussion was only an academic exercise to me.
But the actual MAPS service offers separate DNS hierarchies for their
various blacklists, so a normal MAPS subscriber wouldn't have a
problem: they could query each of the separate domains of interest to
them.
The JANET folks signed-up to RBL+, and they mirror it (the composite
list) for our (.ac.uk) use: I guess they assumed that's what we'd
want, and in our case indeed it is.
But if the original questioner wants to factor out the DUL, then it
seems he's been offered quite a convenient configuration...
In more general terms: there are two kinds of blacklists, the
enumeration kind (e.g Osirusoft), where each value has a different
meaning, and if an IP is in several blacklists then they'll return
several A records for it; and the bitmask kind (e.g RBL+ or Blitzed),
where a site gets just one A record, but with bit(s) set to denote
what kind(s) of abuse they're listed for.
At the moment, the configuration language is dealing comfortably with
the enumeration kind, but Blitzed [1], for example, is already using 5
bits in its mask, and so, configuring a selective match from their
list could involve quite a lot of enumeration ;-)
I suppose ultimately this is pointing to support of a bitmask in the
configuration language (but not necessarily of contiguous bits, unlike
typical IP/netmask matches) for versatility. Whether this is worth
the effort of implementing it, I wouldn't care to decide.
cheers
[1]
http://opm.blitzed.org/info
