
269552 Re: Postscreen update

  • Kris Deugau
    Oct 1, 2010
      Stan Hoeppner wrote:
      > I was going by information I received from another list. I don't use
      > the data feed service. Does this include the CBL data set within Zen?

      Yes; CBL is a subset of XBL. It's not provided separately, at least
      not by Spamhaus. XBL alone is at least ~50x the size (on-disk) of the
      other Zen subcomponents (PBL being the next largest).

      > I would make an educated guess that the size of the CBL data set would
      > be over 100MB alone. 25 million 32bit IP addresses (4 bytes) would be
      > 100MB, if my math is correct. 25 million bot infected hosts around the
      > world seems like a very conservative estimate.

      Since Spamhaus ZEN is intended to be used as a no-FP blocklist, it's
      probably a lot less aggressive about listing these than some other lists
      might be.

      > Yeah, running the Spamhaus zones on local rbldnsd instances on each MX
      > would require some distribution magic, as you state. Never done this
      > myself. I'd be more inclined to go the route you've taken, if I were
      > ever in a position to manage such a thing.

      The "magic" amounts to a couple of crontab entries:

      */5 * * * * root rsync /path/to/spamhaus-in resolver1::rbldns
      */5 * * * * root rsync /path/to/spamhaus-in resolver2::rbldns

      (I set up a script to only copy the actual zone data files - the inbound
      Spamhaus sync sometimes leaves extra files lying around, I have to build
      the local blacklist zone data from the database, and it's always nice to
      trap errors of various kinds. But it's trivial enough any ISP sysadmin
      should be able to hack out a similar wrapper in an hour or two.)
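
The kind of wrapper described in the message above, as an added example that is not Kris Deugau's script: it pushes only allow-listed zone files that pass a truncation check, so a half-written sync never replaces a working blocklist on the resolvers, and it reports every failure. The zone file names, the `MIN_LINES` floor and the `--run` switch are assumptions; the source path, resolver names and `rbldns` module come from the crontab lines.

```shell
#!/bin/sh
# Added example: distribute only vetted rbldnsd zone files to each resolver.
SRC=${SRC:-/path/to/spamhaus-in}               # path as written in the crontab lines
ZONES=${ZONES:-"xbl pbl local-bl"}             # hypothetical zone data file names
RESOLVERS=${RESOLVERS:-"resolver1 resolver2"}  # hosts from the crontab lines
MIN_LINES=${MIN_LINES:-1000}                   # assumed floor; shorter means truncated
RSYNC=${RSYNC:-rsync}

# Print the allow-listed files that pass the checks; return 1 if any fails.
select_zone_files() {
    dir=$1; rc=0
    for z in $ZONES; do
        f=$dir/$z
        if [ ! -f "$f" ] || [ -L "$f" ]; then
            echo "skip $z: missing or not a regular file" >&2; rc=1; continue
        fi
        n=$(( $(wc -l < "$f") ))
        if [ "$n" -lt "$MIN_LINES" ]; then
            echo "skip $z: only $n lines, looks truncated" >&2; rc=1; continue
        fi
        echo "$z"
    done
    return $rc
}

# Push the vetted files to every resolver; return the number of failures.
push_zones() {
    dir=$1; failed=0
    list=$(mktemp) || return 1
    if ! select_zone_files "$dir" > "$list"; then
        failed=$((failed + 1))      # count it, but still push the good files
    fi
    if [ -s "$list" ]; then
        for r in $RESOLVERS; do
            # Stray files left by the inbound sync are never in $list.
            $RSYNC -t --timeout=60 --files-from="$list" "$dir/" "${r}::rbldns" ||
                { echo "rsync to $r failed" >&2; failed=$((failed + 1)); }
        done
    fi
    rm -f "$list"
    return $failed
}

# Hypothetical switch so the file can also be sourced without side effects.
if [ "${1:-}" = "--run" ]; then push_zones "$SRC"; fi
```

Run from cron with `--run`, the non-zero exit status and the stderr lines are what cron mails to the administrator when a zone is skipped or a resolver is unreachable.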
