Postfix And Choice Of RBL
Hi,
I’m managing several mail servers running CentOS 7, Postfix and Dovecot. SpamAssassin is filtering mail nicely, but I’m considering using RBL
(blacklists) to take some load off the servers.
General question to those of you who use RBL. Which lists do you recommend using?
Cheers,
Niki
—
Microlinux – Solutions informatiques durables
7, place de l’église – 30730 Montpezat Site : https://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32
Mob. : 06 51 80 12 12
7 thoughts on - Postfix And Choice Of RBL
The best free blacklist that I’m aware of is zen.spamhaus.org. I’ve been using it as a blacklist on my server for years without any problems.
More info: https://www.spamhaus.org/zen/
—
Bowie
Bowie Bailey wrote:
uses. My issue is that IMO, the method they use to blacklist hasn’t been good for almost 20 years: instead of blocking a specific domain, they blacklist the mailserver.
Now, in Days of Yore, when people were connected by modem to an ISP, maybe. But most ISPs were devoured by large companies, such as my hosting provider, Hostmonster. They have a few mailservers, which they loadbalance with… and they host, I have personally been told, millions of domains.
The first time I ran into this, around 2000, I was unable to email a friend in Canada, because they were blacklisting RoadRunner, which was the ONLY WAY hundreds of thousands of folks in Chicago sent email, that having eaten all the other ISPs.
Now, blocking my mailserver, which is a unifiedlayer somethingorother, because a few of those burner domains that people buy, send spam, etc from, and blow off, means I, and many others, are screwed.
Getting through to a hosting provider support to do something with the blacklister means a) proving I’m the account owner b) telling them what’s wrong, and c) convincing the call taker that I really do know what I’m talking about, and they do have to push it to tier 2 support, or d) escalating to get a manager, who’ll push it.
And like that’s going to happen in an hour. Try a day or five.
This is why I dislike blacklists, the way they’re currently run.
mark
In my “reject_rbl_client” lines, I’ve been using:
– hil.habeas.com
– sbl-xml.spamhaus.org
– bl.spamcop.net
And in my reject_rhsbl_sender line, I have:
– ds.rfc-ignorant.org
Additionally, I’ve got Postgrey enabled, which does a really good job of weeding out the spambot desktops and such.
Am 17.06.2019 um 16:50 schrieb Bowie Bailey:
Spmhaus isn’t free per se.
https://www.spamhaus.org/organization/dnsblusage/
Alexander
Am 17.06.2019 um 18:09 schrieb Mike Burger:
Instead of using reject_rbl_client the better choice is to use postscreen within Postfix. That enables the admin to set weighted scores, not rejecting based on a single RBL.
Alexander
Am 17.06.2019 um 19:10 schrieb Alexander Dalloz:
Forgot to mention that when using postscreen you can drop Postgrey as postscreen does the same job.
Alexander
Right. I haven’t looked at blacklists in a while and I’m nowhere near their limits for free use, so I forgot that they charge for higher volume users.
—
Bowie