Bug 6718 - DNSWL whitelist corruption
Summary: DNSWL whitelist corruption
Status: RESOLVED DUPLICATE of bug 6668
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Rules (show other bugs)
Version: 3.4.0
Hardware: All Linux
: P2 blocker
Target Milestone: 3.4.0
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-10 00:34 UTC by drmres
Modified: 2011-12-14 03:09 UTC (History)
5 users (show)



Attachment Type Modified Status Actions Submitter/CLA Status

Note You need to log in before you can comment on or make changes to this bug.
Description drmres 2011-12-10 00:34:21 UTC
The DNSWL list are severely corrupted.

SpamAssassin basically cancels out its SPAM rating if a domain is listed in the DNSWL whitelists.

FIRSTLY - Anyone can add their domain to DNSWL by filling in the form at http://www.dnswl.org/request.pl which is obviously not monitored. Did no-one think SPammers would think to add their domains?!

SECONDLY - WHO came up with this bright idea of ignoring the ratings that based on email content simply because they are on the DNSWL whitelist?

They should be removed from development immediately.

After receiving 100+ emails per hour labelled as 'Not spam' as they are on the DNSWL list, you have royally shafted the effectiveness of SpamAssasin.

This huge BUG needs addressing immediately.
Comment 1 drmres 2011-12-10 00:41:30 UTC
Additionally, their form for addition to the whitelist contains a 'very sophisticated' (<- sarcasm intended) bot check by asking for 5+3.

Seriously. Removal of the DNSWL lists needs to be effected immediately, and whoever thought of authorising them in the first place prevented from any such action in the future.
Comment 2 Kevin A. McGrail 2011-12-10 01:27:26 UTC
(In reply to comment #1)
> Additionally, their form for addition to the whitelist contains a 'very
> sophisticated' (<- sarcasm intended) bot check by asking for 5+3.
> 
> Seriously. Removal of the DNSWL lists needs to be effected immediately, and
> whoever thought of authorising them in the first place prevented from any such
> action in the future.

Please attach a sample of a FP or FN from the rule. The scores for DNSWL are graduated and I'm not aware of the systemic issue you are stating exist

# DNSWL
score RCVD_IN_DNSWL_NONE 0 -0.0001 0 -0.0001
score RCVD_IN_DNSWL_LOW 0 -0.7 0 -0.7
score RCVD_IN_DNSWL_MED 0 -2.3 0 -2.3
score RCVD_IN_DNSWL_HI 0 -5 0 -5

In my hand-classified FNs folder, I have 292 hits for DNSWL that are:

246 - DNSWL_NONE
38 - DNSWL_LOW
4 - DNSWL_MED
4 - DNSWL_HI

Of the 4 hi, two were real bank notifications incorrectly classified and 2 were from apache mailing lists.

Without samples, this has to be considered invalid.  And I'm open to consideration there is a problem but try and lower the rant and unnecessary digs.
Comment 3 drmres 2011-12-10 01:36:24 UTC
After direct contact with DNSWH.org, please see the transactions below with
a member of their team directly. It is specifically pointed out by him (them) that their servers return a 'Listed' (as in 'Trustworthy') response from non-subscribers.

DNSWL results are untrustworthy and unreliable, returning 'Trustworthy' status
of checked emails whether acknowledged by them or not.

I am also not basing this on nothing. This is the result of 1200 SPAM emails received in 36 hours, the majority of which allowed through Spam Assassin because their normal Spam rating is cancelled out by DNSWL.

----
Am Sa 10. Dez 2011, 02:23:05, xxxx@xxxx.com schrieb:

Hi Bernard,

I haven't stated which nameserver(s) were being used to do the lookups. This
means any nameserver *not* on your subscription list will return a 'true' for
any lookup, meaning it is listed as 'trusted' in your whitelists if they are
not paying customers?

Wouldn't it be more trustworthy and intelligent to do the opposite and let
software developers such as Spam Assassin rely on their algorithms instead?

Can you explain the logic, sense, and respectability by doing so? Surely this
defuncts the whole point of the service?

You have effectively annihilated the whole functionality of DNSWL. in one
sentence. Thank you. 

I quote:
"You are using a nameserver to access our services who has been doing millions
of queries per day since months. Since the abuse departments of these
nameservers did not take any action, we had to temporarily return a "listed"
result for all requests from these nameservers in order to protect our
infrastructure for all other users of our free service."

Kind regards,
XXXX.

-----Original Message-----
From: Bernd H. Steiner (dnswl.org) via RT [mailto:admins@dnswl.org]
Sent: 10 December 2011 02:07
To: xxxx@xxxx.com
Subject: [admin.dnswl.org #25026] Your lists are corrupt 

> 1) Not provide an online form allowing *anyone* to add domains to your 
> whitelist. Did you not think spammers may apply?!

They may apply but as each request is revieved manually, no problem. We don't
add the requests via the form automatically.

And we monitor the entries in our database and also the feedback via form and
our registered abuse reporters. And as you can see also our handling time for
abuse requests is short, regarding that we are a volunteer driven project.

regarding your samples:
96.8.113.39 is not listed here
208.79.210.83 is not listed here
66.7.202.226 is not listed here

Which DNS do you use?

IPs mentioned are NOT listed in our database.

You are using a nameserver to access our services who has been doing millions
of queries per day since months. Since the abuse departments of these
nameservers did not take any action, we had to temporarily return a "listed"
result for all requests from these nameservers in order to protect our
infrastructure for all other users of our free service.

Please switch to using a local nameserver or, if you are doing more than
100'000 queries/24 hours, consider a subscription at
https://subscription.dnswl.org/

For more information please see
http://dnswl.org/news/archives/24-Abusive-use-of-dnswl.org-infrastructure-enforcing-limits.html

regards
bernd
--
Bernd H. Steiner - senior zone editor
http://www.dnswl.org
DNS Whitelist – Protect against false positives


Am Sa 10. Dez 2011, 01:58:20, xxxx@xxxx.com schrieb:
> Hi,
> 
> [96.8.113.39] (helo=mail.kaharawfu.info) - 5.0 RCVD_IN_DNSWL_HI RBL:
> Sender listed at http://www.dnswl.org/, high trust [96.8.113.39 listed 
> in list.dnswl.org]
> 
> host.unitedvibecouncil.com RCVD_IN_DNSWL_HI - RBL: Sender listed at 
> http://www.dnswl.org/, high trust [208.79.210.83 listed in 
> list.dnswl.org]
> 
> smtp.calistabroadcasting.info ([66.7.202.226]) - RBL: Sender listed at 
> http://www.dnswl.org/, high trust [66.7.202.226 listed in 
> list.dnswl.org]
> 
> These few received in just the past few minutes. This is only a sample 
> of the 1200+ received in the past 24 hours.
> 
> Perhaps you should change your whitelisting policy to:
> 1) Not provide an online form allowing *anyone* to add domains to your 
> whitelist. Did you not think spammers may apply?!
> 2) If you must provide a pathetic form, provide a better bot check 
> than "5+3". Seriously. Who came up with that?
> 3) Monitor and check the applications to your whitelist.
> 4) Monitor the emails being received from those in your whitelist.
> 5) Not promote yourself to organisation such as Spam Assassin while 
> your service is appalling and unmonitored, effectively making theirs 
> useless.
> 
> I have filed a bug report of level "Severe" regarding DNSWL to Spam 
> Assassin.
> 
> Kind regards.
> 
> 
> -----Original Message-----
> From: Bernd H. Steiner (dnswl.org) via RT [mailto:admins@dnswl.org]
> Sent: 10 December 2011 01:22
> To: xxxx@xxxx.com
> Subject: [admin.dnswl.org #25026] Your lists are corrupt
> 
> and which domain/ip is listed here which doesn't fit our policy at 
> http://dnswl.org/policy?
> 
> regards
> bernd
> --
> Bernd H. Steiner - senior zone editor
> http://www.dnswl.org
> DNS Whitelist – Protect against false positives
>
Comment 4 drmres 2011-12-10 01:45:09 UTC
Hi,

As previously replied to you, and with the standing that you are unaware of the nameservers being used, the fact is that whether a nameserver makes multiple requests or not, the result should never, ever, be that a domain is trusted when you have no proof of it being so.

Your organisation is also of no standing to determine which nameservers are abusive as the lookups could very well be legitimate in their requests, as are those that have been made in this instance. Even so, to return a 'trusted' response for any and all lookups if ludicrous. This defeats the whole purpose of your 'service'.

I have never heard of anything similar - ever.

Your comments have been forwarded to the appropriate departments.

Kind regards.

-----Original Message-----
From: Bernd H. Steiner (dnswl.org) via RT [mailto:admins@dnswl.org]
Sent: 10 December 2011 02:28
To: xxxx@xxxx.com
Subject: [admin.dnswl.org #25026] Your lists are corrupt 

No, but if all your requests get a hi that is a strong indicator that you are using an abusive nameservers as reported in http://dnswl.org/news/archives/24-Abusive-use-of-dnswl.org-infrastructure-enforcing-limits.html

No, not any any nameserver *not* on your subscription list will return a 'true' for any lookup, see also the announcement above.

regards
bernd
--
Bernd H. Steiner - senior zone editor
http://www.dnswl.org
DNS Whitelist - Protect against false positives
Comment 5 Kevin A. McGrail 2011-12-10 01:47:12 UTC
Thank you for the much clearer complaint.  

I agree.  Returning a positive answer is wrong.  RBL providers should only return special answers that are defined as over-limit, return no answer, block the queries or something else that does not cause FPs.

Unless they change this policy, I must recommend that DNSWL be disabled by default immediately.

Darxus, do you remember the bug that discussed rate limit responses for an RBL?
Comment 6 drmres 2011-12-10 01:55:45 UTC
If example Spams and originating domains are required I can supply many, as one account is, as previously stated, receiving thousands.

Will the argument below disable DNSWL within Spam Assassin and if not, do you have an option that will?

SCORE RCVD_IN_DNSWL_LOW 0
Comment 7 Kevin A. McGrail 2011-12-10 02:05:17 UTC
(In reply to comment #6)
> If example Spams and originating domains are required I can supply many, as one
> account is, as previously stated, receiving thousands.
> 
> Will the argument below disable DNSWL within Spam Assassin and if not, do you
> have an option that will?
> 
> SCORE RCVD_IN_DNSWL_LOW 0

No samples are needed.  The email you provided showing these are false hits cause by query limits are the issue.  

Do you run your own DNS servers?  

These scores will disable it:

score RCVD_IN_DNSWL_NONE 0 
score RCVD_IN_DNSWL_LOW 0 
score RCVD_IN_DNSWL_MED 0 
score RCVD_IN_DNSWL_HI 0
Comment 8 drmres 2011-12-10 02:08:36 UTC
Thank you.

No, these are not private DNS servers, they are public shared servers in this case run by a hosting company, and even so, nothing was relayed at any time to DNSWL regarding which nameservers were being used.
Comment 9 Kevin A. McGrail 2011-12-10 02:15:36 UTC
(In reply to comment #8)
> Thank you.
> 
> No, these are not private DNS servers, they are public shared servers in this
> case run by a hosting company, and even so, nothing was relayed at any time to
> DNSWL regarding which nameservers were being used.

Highly recommend you run your own nameservers.  They knew the problem because it must be a common issue for them.
Comment 10 drmres 2011-12-10 02:20:47 UTC
Regardless, to return 'trusted' to all such requests defeats the entire anti-spam objective, especially when such a response effectively cancels out the Spam Assassin rating itself.

The multitude using paid hosting have no option and lookups are done by the host on receipt. Spam Assassin is run x thousands of servers and is trusted and used worldwide.

This type of thing makes it useless.
Comment 11 Benny Pedersen 2011-12-10 02:34:22 UTC
(In reply to comment #10)
> Regardless, to return 'trusted' to all such requests defeats the entire
> anti-spam objective, especially when such a response effectively cancels out
> the Spam Assassin rating itself.

it gets attention ?

> The multitude using paid hosting have no option and lookups are done by the
> host on receipt. Spam Assassin is run x thousands of servers and is trusted
> and used worldwide.
> 
> This type of thing makes it useless.

use your own local dns server on LO interface and stop forwarding dns queryes

# /etc/resolv.conf 
nameserver 127.0.0.1

it begins to be a faq
Comment 12 Karsten Bräckelmann 2011-12-10 02:37:19 UTC
(In reply to comment #3)
> I am also not basing this on nothing. This is the result of 1200 SPAM emails
> received in 36 hours, [...]

WAY below any limits.

Yes, this is a duplicate, original report by Darxus I believe. Yes, this is using an ISP's DNS server.

To the OP: It is generally highly recommended, to run your own caching, recursive (non-forwarding) nameserver with SA. This will immediately fix your problem.


> I quote:
> "You are using a nameserver to access our services who has been doing millions
> of queries per day since months. Since the abuse departments of these
> nameservers did not take any action, we had to temporarily return a "listed"
> result for all requests from these nameservers in order to protect our
> infrastructure for all other users of our free service."

Sic.
Comment 13 drmres 2011-12-10 02:40:06 UTC
(In reply to comment #11)
> (In reply to comment #10)
> > Regardless, to return 'trusted' to all such requests defeats the entire
> > anti-spam objective, especially when such a response effectively cancels out
> > the Spam Assassin rating itself.
> 
> it gets attention ?
> 

It means people have to *pay* for their services. Spam Assassin becomes useless.
Comment 14 drmres 2011-12-10 02:45:54 UTC
(In reply to comment #12)
> (In reply to comment #3)
> > I am also not basing this on nothing. This is the result of 1200 SPAM emails
> > received in 36 hours, [...]
> 
> WAY below any limits.

Below any limits for an individual with a personal account?
This is based on ONE email account.
Are YOU a spammer or part of DNSWL and/or receive funding for such?!

> Yes, this is a duplicate, original report by Darxus I believe. Yes, this is
> using an ISP's DNS server.

This is not a duplicate. This proves absolutely that DNSWL deliberately corrupt their results.
 
> To the OP: It is generally highly recommended, to run your own caching,
> recursive (non-forwarding) nameserver with SA. This will immediately fix your
> problem.

Maybe. Doesn't help the other millions of users.
 
> > I quote:
> > "You are using a nameserver to access our services who has been doing millions
> > of queries per day since months. Since the abuse departments of these
> > nameservers did not take any action, we had to temporarily return a "listed"
> > result for all requests from these nameservers in order to protect our
> > infrastructure for all other users of our free service."
> 
> Sic.

Reason to give (I quote) 'millions' of false positives?
Comment 15 Karsten Bräckelmann 2011-12-10 02:49:54 UTC
BTW, we need to poke DNSWL staff regarding this again and settle it someway. Target 3.4 for now. Still a dupe, though.

drmres: Please cool down. And either run a local, caching, recursive DNS server on your machine(s), or just zero out the scores. This is not an issue to get the attention of 10+ comments and rants within 2 hours.
Comment 16 drmres 2011-12-10 02:50:47 UTC
...Positive/negatives, depending how you look at it...
Comment 17 drmres 2011-12-10 02:53:14 UTC
(In reply to comment #15)
> BTW, we need to poke DNSWL staff regarding this again and settle it someway.
> Target 3.4 for now. Still a dupe, though.
> 
> drmres: Please cool down. And either run a local, caching, recursive DNS server
> on your machine(s), or just zero out the scores. This is not an issue to get
> the attention of 10+ comments and rants within 2 hours.

No rants, I was asked for responses, I've given them.

If I didn't, nothing would be done. And when it's your clients being bombarded through the fault of some obvious profit organisation pretending to be helpful services, I'll do what I can to clarify. This is also affecting millions of other users and is a serious issue.
Comment 18 Benny Pedersen 2011-12-10 03:02:17 UTC
(In reply to comment #17)
 
> If I didn't, nothing would be done. And when it's your clients being bombarded
> through the fault of some obvious profit organisation pretending to be helpful
> services, I'll do what I can to clarify.

shit happends when shared dns is used

> This is also affecting millions of
> other users and is a serious issue.

incorrect its only a problem on your server
Comment 19 Karsten Bräckelmann 2011-12-10 03:07:14 UTC
(In reply to comment #14)
> > > I am also not basing this on nothing. This is the result of 1200 SPAM emails
> > > received in 36 hours, [...]
> > 
> > WAY below any limits.
> 
> Below any limits for an individual with a personal account?
> This is based on ONE email account.

Since you didn't get what I just stated -- Yes, way below any free usage limits. For which you surely would apply. As stated in numerous comments earlier, you are not yourself exceeding any limit, but way below (sic) the limits.

The limit, AFAIR, is 100.000 queries per day, typically much more mail than that. And action is taken only on servers *way* above that.

In a nutshell, specifically for you: You are "WAY below any limits", and should not get these results yourself.

> Are YOU a spammer or part of DNSWL and/or receive funding for such?!

I am not a spammer. I am not affiliated with DNSWL in any way. I am a SA developer, support guy, and PMC member. But thanks for asking.


> > Yes, this is a duplicate, original report by Darxus I believe. Yes, this is
> > using an ISP's DNS server.
> 
> This is not a duplicate. This proves absolutely that DNSWL deliberately corrupt
> their results.

*sigh*

Yes. This is a duplicate of a previously raised issue. Exactly for that reason. This is not the first issue tracking system you use, is it?


> > To the OP: It is generally highly recommended, to run your own caching,
> > recursive (non-forwarding) nameserver with SA. This will immediately fix your
> > problem.
> 
> Maybe. Doesn't help the other millions of users.

Yes, it does. Indeed. With your current setup, you won't get any useful results out of a number of DNSBLs SA uses by default.

That IS the answer to your problem.

Please stop ranting, and set up the local DNS as mentioned a few times. It will not only fix this problem of yours, but help tremendously in identifying spam.
Comment 20 drmres 2011-12-10 14:00:33 UTC
Seems a waste of time trying to help with your development.

I report a whitelist for deliberately corrupting their results to non-paying clients, as stated by the whitelist devs themselves, and this is the response I get?

Well done.
Comment 21 AXB 2011-12-10 14:12:03 UTC
(In reply to comment #20)
> Seems a waste of time trying to help with your development.
> 
> I report a whitelist for deliberately corrupting their results to non-paying
> clients, as stated by the whitelist devs themselves, and this is the response I
> get?
> 
> Well done.

So where is the bug in the SA code?
Disable the rules you don't want/need and move on

PMC: This is not a bug. Pls resolve accordingly
Comment 22 Kevin A. McGrail 2011-12-10 14:14:07 UTC
> PMC: This is not a bug. Pls resolve accordingly

I have to agree though we need to resolve the DNSWL sending out bad answers.

If they purposefully send out bad answers for ANY reason, I'm +1 to disabled the rules in the default installation.

I also think there is another bug discussing this but haven't found it.  I'd like to mark this ticket as a duplicate of that bug and close it if someone has a moment to find it.  I'm working on the updates.
Comment 23 John Hardin 2011-12-10 18:07:16 UTC
DNSWL usage limit problems already reported; SA can't intelligently deal with it unless the BL returns a specific "usage limits exceeded" code.

*** This bug has been marked as a duplicate of bug 6668 ***
Comment 24 John Hardin 2011-12-10 18:18:09 UTC
(In reply to comment #20)
> Seems a waste of time trying to help with your development.
> 
> I report a whitelist for deliberately corrupting their results to non-paying
> clients, as stated by the whitelist devs themselves, and this is the response I
> get?
> 
> Well done.

(1) It is common practice for DNSBLs that have a combined pay and free usage model to start returning invalid results when the usage from an unregistered DNS exceeds the free usage limits. DNSWL is not the only service that does this. MTA admins should be aware of this.

(2) Because of this it is a "best practice" to have a dedicated non-forwarding DNS server for MTAs and antispam filters. I just checked the SA DNSBL wiki page and we sadly don't explicitly mention this. I haven't checked the other SA administrative documentation to see whether this is made clear, could someone else do so?

(3) Yes, this is a duplicate of an existing bug. Unfortunately a bugzilla search using the default options does not find it because it's been closed as WONTFIX.

drmres, this comes across as filing a bug against SA because you don't know enough about proper administration of a mail server, and then ranting at the devs when this is pointed out.
Comment 25 Darxus 2011-12-10 18:21:41 UTC
(In reply to comment #5)
> Darxus, do you remember the bug that discussed rate limit responses for an RBL?

Bug 6668.


DNSWL announced this behavior here:  http://www.dnswl.org/news/archives/24-Abusive-use-of-dnswl.org-infrastructure-enforcing-limits.html

My post about it to the users list:
http://old.nabble.com/DNSWL.org-enforcement-of-free-usage-limits-td32670983.html
Comment 26 Matthias Leisi 2011-12-11 21:01:43 UTC
(speaking for dnswl.org)

(In reply to comment #0)

> FIRSTLY - Anyone can add their domain to DNSWL by filling in the form at
> http://www.dnswl.org/request.pl which is obviously not monitored. Did no-one
> think SPammers would think to add their domains?!

For the record, all requests are manually verified.
Comment 27 drmres 2011-12-14 01:55:32 UTC
(In reply to comment #24)
> (In reply to comment #20)
> > Seems a waste of time trying to help with your development.
> > 
> > I report a whitelist for deliberately corrupting their results to non-paying
> > clients, as stated by the whitelist devs themselves, and this is the response I
> > get?
> > 
> > Well done.
> 
> (1) It is common practice for DNSBLs that have a combined pay and free usage
> model to start returning invalid results when the usage from an unregistered
> DNS exceeds the free usage limits. DNSWL is not the only service that does
> this. MTA admins should be aware of this.
> 
> (2) Because of this it is a "best practice" to have a dedicated non-forwarding
> DNS server for MTAs and antispam filters. I just checked the SA DNSBL wiki page
> and we sadly don't explicitly mention this. I haven't checked the other SA
> administrative documentation to see whether this is made clear, could someone
> else do so?
> 
> (3) Yes, this is a duplicate of an existing bug. Unfortunately a bugzilla
> search using the default options does not find it because it's been closed as
> WONTFIX.
> 
> drmres, this comes across as filing a bug against SA because you don't know
> enough about proper administration of a mail server, and then ranting at the
> devs when this is pointed out.

WTF? Are you retarded? It isn't even worth reading your egotistical, patronising bullshit.

FACT - DNSWL *are* corrupting their lookup results by reporting false negatives, whichever way you look at at it.

I don't give a flying fuck if you think they should be allowed to do so, my point is it corrupts the entire SpamAssassin system, whether you like it or not, and the issue should be addressed seriously. If YOU don't think so, leave the dev team.

A -5 score report for their false negatives? Where is your brain?

Far from 'ranting' myself, it is YOU doing so, by consistently repeating yourself about issues you obviously know nothing about. If this affects one server, it affects a thousand, and even one server affected is reason to doubt DNSWL.

I have had enough of your crap in general and you obviously don't take these issues seriously.

THIS IS A DIRECT REPORT OF DELIBERATE CORRUPTION TO SA RESULTS.

As far as the decision "Will not fix". See the above. What a bunch of idiots.

No development of mine would take such a stance.

This is the last reply from me, and I will make it known of your attitudes.

Kevin A. McGrail has the most sense of the lot of you. Shame the rest of you are script kiddies or too ignorant to pay attention.
Comment 28 Darxus 2011-12-14 02:22:32 UTC
(In reply to comment #27)
> WTF? Are you retarded? It isn't even worth reading your egotistical,
> patronising bullshit.

Anybody feel like voting to add DNSWL back as is just because of this guy?

> This is the last reply from me, and I will make it known of your attitudes.

I do hope so.
Comment 29 drmres 2011-12-14 02:32:44 UTC
I digress. Vote it back? Seems you're intent on supporting it. With its corruption. Heads up arses.

I suggest the non-fools and serious devs ignore anthing past comment 11.

The rest of you, keep posting your bullshit as you have nothing better to do. Those who actually use and want to make SA better, well, I wouldn't actually bother.

What a bunch of tossers.

To summarise, make sure your servers include the following in your config, and don't even think of paying for DNSWL -

My config at: .spamassasin/user_prefs

score RCVD_IN_DNSWL_NONE 0 
score RCVD_IN_DNSWL_LOW 0 
score RCVD_IN_DNSWL_MED 0 
score RCVD_IN_DNSWL_HI 0

What a bunch of jokers. Really.
Comment 30 drmres 2011-12-14 02:36:19 UTC
(In reply to comment #26)
> (speaking for dnswl.org)
> 
> (In reply to comment #0)
> 
> > FIRSTLY - Anyone can add their domain to DNSWL by filling in the form at
> > http://www.dnswl.org/request.pl which is obviously not monitored. Did no-one
> > think SPammers would think to add their domains?!
> 
> For the record, all requests are manually verified.

Hmm, very helpful that, as if you aren't paying them, any lookup is returned as 'trusted'.

More fools.

Obviously this issue is never going to be addressed and I can't see why. Who is on the payroll?
Comment 31 Benny Pedersen 2011-12-14 02:42:30 UTC
(In reply to comment #27)
> (In reply to comment #24)
> > (In reply to comment #20)
 
> This is the last reply from me, and I will make it known of your attitudes.

+1

easy when the bug is resolved ? :-)
Comment 32 Darxus 2011-12-14 02:51:19 UTC
(In reply to comment #27)
drmres@yahoo.com 2011-12-14 01:55:32 UTC
> This is the last reply from me, and I will make it known of your attitudes.

(In reply to comment #29)
drmres@yahoo.com 2011-12-14 02:32:44 UTC
> I digress. Vote it back? Seems you're intent on supporting it. With its

(In reply to comment #30)
drmres@yahoo.com 2011-12-14 02:36:19 UTC
> Hmm, very helpful that, as if you aren't paying them, any lookup is returned as


Liar.
Comment 33 Benny Pedersen 2011-12-14 02:52:38 UTC
(In reply to comment #30)

> More fools.

+1

> Obviously this issue is never going to be addressed and I can't see why. Who
> is on the payroll?

who had problem to start with ?, want others to pay for dns support ?, did you ask your dns hoster what the problem is ?, want to share it ?, make another bugzilla if sa devs should have another job as dns admins for you, keep basting wont help
Comment 34 drmres 2011-12-14 02:55:46 UTC
(In reply to comment #31)
> (In reply to comment #27)
> > (In reply to comment #24)
> > > (In reply to comment #20)
> 
> > This is the last reply from me, and I will make it known of your attitudes.
> 
> +1
> 
> easy when the bug is resolved ? :-)

Really? Ahh, I see issue 6668 comment 24 onwards. Thanks. As I said previously, at least Kevin A. McGrail has sense.

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6668#c24

Regarding this issue, note that Darxus is a dnswl.org admin. At least one person here on their payroll then...

Surprising? Shouldn't this sort of thing be prohibited in the rules of being an SA dev under conflict of interest?
Comment 35 drmres 2011-12-14 02:57:25 UTC
(In reply to comment #32)
> (In reply to comment #27)
> drmres@yahoo.com 2011-12-14 01:55:32 UTC
> > This is the last reply from me, and I will make it known of your attitudes.
> 
> (In reply to comment #29)
> drmres@yahoo.com 2011-12-14 02:32:44 UTC
> > I digress. Vote it back? Seems you're intent on supporting it. With its
> 
> (In reply to comment #30)
> drmres@yahoo.com 2011-12-14 02:36:19 UTC
> > Hmm, very helpful that, as if you aren't paying them, any lookup is returned as
> 
> 
> Liar.


Me liar?

YOU ARE A DNSWL ADMIN.

You shouldn't be here in the first place. That's the next point of corruption.
Comment 36 drmres 2011-12-14 02:58:28 UTC
(In reply to comment #33)
> (In reply to comment #30)
> 
> > More fools.
> 
> +1
> 
> > Obviously this issue is never going to be addressed and I can't see why. Who
> > is on the payroll?
> 
> who had problem to start with ?, want others to pay for dns support ?, did you
> ask your dns hoster what the problem is ?, want to share it ?, make another
> bugzilla if sa devs should have another job as dns admins for you, keep basting
> wont help

This has NOTHING to do with DNS. This is a whitelist giving FALSE REPORTS.

Nothing more. As I said before. Keep being a fool. Won't help you.
Comment 37 Darxus 2011-12-14 03:01:39 UTC
(In reply to comment #35)
> Me liar?

Indisputably.
Comment 38 drmres 2011-12-14 03:09:04 UTC
What's indisputable is that you are a DNSWL admin intent on protecting your little paying organisation while they corrupt their results forcing people to pay for their services.

The liar is YOU. I suggest having a haircut and finding a proper job instead of making bread.

You are the most disreputable of the disreputable and should be removed from spreading your corruption any further for your own gain.

What a piece of shit.

All the while you try and defend this little shitty 'organisation' DNSWL that you probably setup yourself in between making bread and masturbating to make yourself some money out of other innocent persons and organisations.

You've been properly flamed and uncovered.

It's on YOU.