Kris Deugau | 1 Oct 2010 17:15

Re: Postscreen update

Stan Hoeppner wrote:
> I was going by information I received from another list.  I don't use
> the data feed service.  Does this include the CBL data set within Zen?

Yes;  CBL is a subset of XBL.  It's not provided separately, at least 
not by Spamhaus.  XBL alone is at least ~50x the size (on-disk) of the 
other Zen subcomponents (PBL being the next largest).

> I would make an educated guess that the size of the CBL data set would
> be over 100MB alone.  25 million 32bit IP addresses (4 bytes) would be
> 100MB, if my math is correct.  25 million bot infected hosts around the
> world seems like a very conservative estimate.

Since Spamhaus ZEN is intended to be used as a no-FP blocklist, it's 
probably a lot less aggressive about listing these than some other lists 
might be.

> Yeah, running the Spamhaus zones on local rbldnsd instances on each MX
> would require some distribution magic, as you state.  Never done this
> myself.  I'd be more inclined to go the route you've taken, if I were
> ever in a position to manage such a thing.

The "magic" amounts to a couple of crontab entries:

*/5 * * * * root rsync /path/to/spamhaus-in resolver1::rbldns
*/5 * * * * root rsync /path/to/spamhaus-in resolver2::rbldns

(I set up a script to only copy the actual zone data files - the inbound 
Spamhaus sync sometimes leaves extra files lying around, I have to build 
the local blacklist zone data from the database, and it's always nice to 


Gmane