5672 – RHSBL from securitysage.com down

Bug 5672 - RHSBL from securitysage.com down

Summary: RHSBL from securitysage.com down

Status:	RESOLVED FIXED

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Rules (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P5 minor
Target Milestone:	3.2.4
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2007-10-08 09:04 UTC by Giampaolo Tomassoni
Modified:	2007-10-17 23:57 UTC (History)
CC List:	0 users

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Giampaolo Tomassoni 2007-10-08 09:04:40 UTC

I guess this means that the DNS_FROM_SECURITYSAGE rule shall be removed from 
SA rules...

Comment 1 Justin Mason 2007-10-08 09:19:31 UTC

how long has the DNSBL been down?  Has it been down permanently, or fluctuating
up-and-down?

Comment 2 Giampaolo Tomassoni 2007-10-08 09:30:30 UTC

First time seen Oct 4 18:00:44 CET.

I sometimes don't see any error from named, but then it could be the scanned 
message doesn't contain any URI.

Please note I asked the forum to know if I was the only one missing DNS 
replies from securitysage.com. The only reply I got was about securitysage 
discontinuining this service a month ago.

I guess that we should better investigate this matter. Anybody knowing 
somebody to contact at securitysage.com?

Comment 3 Giampaolo Tomassoni 2007-10-08 10:23:13 UTC

I sent a message to a possible contact e-mail asking if securitysage.com 
discontinued its public service.

I'll let you know about any reply.

Comment 4 Justin Mason 2007-10-08 10:36:37 UTC

cool.  there's no need to resolve the bug yet -- it's still a possible issue, so
let's keep it open.

Comment 5 Justin Mason 2007-10-11 14:43:13 UTC

aiming at 3.2.4

Comment 6 Giampaolo Tomassoni 2007-10-12 12:12:35 UTC

I didn't receive any reply from SSO staff, but anyway I see that it is from 
Oct 9 at about 21:00 CET that securitysage.com seems to have get back.

We probably should close this bug.

Comment 7 Justin Mason 2007-10-13 04:00:16 UTC

actually, I think we should probably remove the lookups, if it has a tendency to
go off the air for 5 days without explanation.   that's not reliable enough
for the main ruleset IMO!

Comment 8 Giampaolo Tomassoni 2007-10-13 04:14:54 UTC

The problem is also that its site doesn't show any reliable contact reference, 
which makes this BL a bit "obscure" to me.

Who people asks listing and delisting?

So, you're right to me:

+1 to its removal.

Comment 9 Justin Mason 2007-10-17 06:46:49 UTC

ok, removed from 3.3.0:

: jm 103...; svn commit -m "bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL
lookups against securitysage.com) due to unreliability" rules
Sending        rules/20_dnsbl_tests.cf
Sending        rules/50_scores.cf
Transmitting file data ..
Committed revision 585500.

and from 3.2.x:

: jm 92...; svn commit -m "bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups
against securitysage.com) due to unreliability" rules
Sending        rules/20_dnsbl_tests.cf
Sending        rules/50_scores.cf
Transmitting file data ..
Committed revision 585501.

and from 3.2.x rule updates:

: jm 107...; svn commit -m "bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL
lookups against securitysage.com) due to unreliability"
Sending        20_dnsbl_tests.cf
Sending        50_scores.cf
Transmitting file data ..
Committed revision 585502.

Comment 10 Daryl C. W. O'Shea 2007-10-17 23:57:55 UTC

and 3.1 updates! (update 585884):

[dos@cyan 3.1]$ svn ci -m "bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups
against securitysage.com) due to unreliability"
Sending        3.1/20_dnsbl_tests.cf
Sending        3.1/50_scores.cf
Transmitting file data ..
Committed revision 585883.
[dos@cyan 3.1]$