In article <4f8e6a78fdrobin@xxxxxxxxxxxxx>, Robin Hampshire <robin@xxxxxxxxxxxxx> wrote: > In article <4f8e618636antispam@xxxxxxxxx>, > Frank de Bruijn <antispam@xxxxxxxxx> wrote: > > All you need to know to *use* block lists with AntiSpam, is that you > > shouldn't delete any messages on Weight values less than 10 > > (depending on the block list service providers used this value may > > change, so I decided against 'hard coding' it in the program). > Does AS contact the various DNSBL providers for every message, or does > it download a local database for use on the fly? Actually, the block list system uses the standard domain name system so there's never any direct contact with the providers. The program just asks your default nameserver for the IP address of a particular host and the response is the block list entry [1]. This is quite fast, in my experience (DNS queries are very small messages). > Which providers does it use as default, See the file !AntiSpam.Resources.!NSQ.Settings. The ones in the [DNSBL] section are used. > and if more than one then how does it resolve conflicts between them > (I don't want to know on a technical level - a bit of layman's > narrative is enough :-) ) It simply adds all the weights from all the queries together. Even if the result is only 10 (i.e. only present in one block list), that should be enough to act on. The providers used are well respected and quite reliable (there's always the occasional mishap, of course - see the start of this thread). > Anyway, I shall try it and see what happens. Let me know if you have more questions or if things don't (seem to) work as expected. In article <4f8e6d1a6erobin@xxxxxxxxxxxxx>, Robin Hampshire <robin@xxxxxxxxxxxxx> wrote: > Well I've tried it and it works a treat. Good. :-) > Many thanks. You're welcome. Regards, Frank [1] That's the 'compact' explanation. You want details? Read on... When AntiSpam scans the Received: headers of a message and finds something that looks like an IP address, it tells the NSQ module to send a DNS query about the following hosts (let's assume the IP address is 11.22.33.44): 44.33.22.11.zen.spamhaus.org 44.33.22.11.bl.spamcop.net 44.33.22.11.db.wpbl.info These queries travel along the DNS until some server can answer them. The response will be either a code in the form of an address in the 127.x.x.x range or a message that the host isn't listed. The response is interpreted by NSQ, using the tables in the Settings file, and returned to AntiSpam. AntiSpam gathers all responses to do with that message (there's usually more than one Received: header) and acts on the Weight rule if the sum of all responses is larger than the value given.