On Sunday 13 June 2004 18.01, Dale Amon wrote:
> What are the recommended rbl's these days?
Just one opinion more:
(ok, this is postfix syntax. But let's not start this war here :-)
reject_rbl_client cbl.abuseat.org,
reject_rbl_client list.dsbl.org,
these are very good and catch most.
reject_rbl_client cn-kr.blackholes.us,
And 70% of what is not caught above hangs here. Obviously, if you have
regular emaul traffic with them, you shouldn't do this...
reject_rbl_client relays.ordb.org,
reject_rbl_client sbl.spamhaus.org,
Catches not much these days, especially not much that is not already in
abuseat. But still 10-20 emails per week.
reject_rbl_client spews.blackholes.us,
SPEWS is very controversial. It blocks spammers and spam-supporters, the
latter may include big IP ranges from ISPs that do not react to
complaints. Also, SPEWS is not really transparent. They have 'case
files', but IMHO they are hard to read and not really clear. I've not
had false positives that I know of because of this, but still, I
wouldn't use it in a business server.
Additionally, I used to use {comcast,rr}.blackholes.us, but abuseat
contains most of the spamzombies already, so I dropped them. Similarly,
reject_rhsbl_client spamdomains.blackholes.easynet.nl,
reject_rhsbl_sender spamdomains.blackholes.easynet.nl,
reject_rhsbl_client porn.rhs.mailpolice.com,
reject_rhsbl_sender porn.rhs.mailpolice.com,
reject_rhsbl_client bulk.rhs.mailpolice.com,
reject_rhsbl_sender bulk.rhs.mailpolice.com,
and
warn_if_reject reject_rbl_client bogons.cymru.com,
warn_if_reject reject_rbl_client spam.dnsrbl.net,
warn_if_reject reject_rbl_client es.blackholes.easynet.nl,
were dropped after they found nothing the ones I *do* use still didn't
already find. I've stopped using the latter three quite some time ago,
so maybe they don't work anymore now.
Also you may want to look at the rfc-ignorant.org ones, but reading
nanae I got the impression that they are more trouble than they're
worth.
In any case, I recommend that you thoroughly read information about the
blacklists you use, and that you follow some news source about spam
fighting, so that important news like some blacklist going bellyup and
blacklisting the world will not creep up on you from behind. One source
is nanae, which is unfortunately quite high volume and consists 70% of
flamewars. But I've not found a better source for information - just
ignore the trolls. (Honestly, when you follow nanae, the little
arguments on the debian lists are really soothing to the mind in their
mind-boggingly rationality and calm and to the point style of
discussion.)
cheers
-- vbi
--
featured link: http://fortytwo.ch/gpg/intro
Attachment:
pgpN7ahhilCaS.pgp
Description: signature