> Hardin wrote:
>> On Tue, 16 Sep 2008, Marc Perkel wrote:
>>> Looking from opinions from people running rbl blacklists.
>>> I have a list that contains a lot of name based information. I'm
>>> about to add a lot more information to the list and what will happen
>>> is that when you look up a name you might get several results. For
>>> example, a hostname might be blacklisted, be in a URIBL list, be in
>>> a day old bread list, and a NOT QUIT list. So it might return 4
>>> results like 127.0.0.2, 127.0.0.6, 127.0.0.7, 127.0.0.8.
>>> Is this what would be considered "best practice". My thinking is
>>> that having one list that returns everything is very efficient.
>> Isn't general practice to bitmap the last octet if you're going to
>> convey multiple pieces of information?
> If you have a situation where there might be more than one "answer"
> for a given query, and you are content with having a maximum of 7
> possible answers, then...
Why just 7? You have 2 other octets to use.. 127.X.Y.Z - X and Y
dont have to be zeros...
512 possibilities if you use all the bit on all 3 octets (but I'd avoid
448 possibilities if you only count bit 1 settable on octet 2 and 3 (ie
343 if you avoid setting bit 1 altogether on any octet (ie 127.2.2.2)
Dallas Engelken email@example.com http://uribl.com