SA Bugzilla – Bug 5672
RHSBL from securitysage.com down
Last modified: 2007-10-17 23:57:55 UTC
I guess this means that the DNS_FROM_SECURITYSAGE rule shall be removed from SA rules...
how long has the DNSBL been down? Has it been down permanently, or fluctuating up-and-down?
First time seen Oct 4 18:00:44 CET. I sometimes don't see any error from named, but then it could be the scanned message doesn't contain any URI. Please note I asked the forum to know if I was the only one missing DNS replies from securitysage.com. The only reply I got was about securitysage discontinuining this service a month ago. I guess that we should better investigate this matter. Anybody knowing somebody to contact at securitysage.com?
I sent a message to a possible contact e-mail asking if securitysage.com discontinued its public service. I'll let you know about any reply.
cool. there's no need to resolve the bug yet -- it's still a possible issue, so let's keep it open.
aiming at 3.2.4
I didn't receive any reply from SSO staff, but anyway I see that it is from Oct 9 at about 21:00 CET that securitysage.com seems to have get back. We probably should close this bug.
actually, I think we should probably remove the lookups, if it has a tendency to go off the air for 5 days without explanation. that's not reliable enough for the main ruleset IMO!
The problem is also that its site doesn't show any reliable contact reference, which makes this BL a bit "obscure" to me. Who people asks listing and delisting? So, you're right to me: +1 to its removal.
ok, removed from 3.3.0: : jm 103...; svn commit -m "bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against securitysage.com) due to unreliability" rules Sending rules/20_dnsbl_tests.cf Sending rules/50_scores.cf Transmitting file data .. Committed revision 585500. and from 3.2.x: : jm 92...; svn commit -m "bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against securitysage.com) due to unreliability" rules Sending rules/20_dnsbl_tests.cf Sending rules/50_scores.cf Transmitting file data .. Committed revision 585501. and from 3.2.x rule updates: : jm 107...; svn commit -m "bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against securitysage.com) due to unreliability" Sending 20_dnsbl_tests.cf Sending 50_scores.cf Transmitting file data .. Committed revision 585502.
and 3.1 updates! (update 585884): [dos@cyan 3.1]$ svn ci -m "bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against securitysage.com) due to unreliability" Sending 3.1/20_dnsbl_tests.cf Sending 3.1/50_scores.cf Transmitting file data .. Committed revision 585883. [dos@cyan 3.1]$