spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Junk" <j...@lexoncom.com>
Subject Re: FIlter
Date Mon, 04 Dec 2017 22:17:27 GMT
So I wonder if
postscreen_dnsbl is enabled is it possible that mail get lost by mistake?
Somehow some false positive?

How do you maintain the list?


> On 12/02/2017 09:09 PM, Junk wrote:
>> Is there any list that can be trusted and is publicly available or
>> unless you pay nothing is trusted?
>>
>>
>
> See my previous list of postscreen_dnsbl_sites entries.  These can be
> trusted in aggregate but not individually.  Traditionally in MTAs, a
> single block list hit will reject email but that is too risky.  You
> really should consider switching to Postfix and try out
> postscreen_dnsbl_sites to combine the results of block lists.  More
> trustworthy lists get a higher weight and less trustworthy lists get a
> lower weight above zero.  Whitelists get a negative weight to lower the
> total score.
>
> /etc/postfix/main.cf:
> postscreen_cache_retention_time      = 7d
> postscreen_bare_newline_ttl          = 7d
> postscreen_greet_ttl                 = 7d
> postscreen_non_smtp_command_ttl      = 7d
> postscreen_pipelining_ttl            = 7d
> postscreen_dnsbl_ttl                 = 1m
> postscreen_dnsbl_threshold           = 8
> postscreen_dnsbl_action              = enforce
> postscreen_greet_action              = enforce
> postscreen_greet_wait                = ${stress?1}${stress:11}s
> postscreen_bare_newline_action       = enforce
> postscreen_bare_newline_enable       = yes
> postscreen_non_smtp_command_enable   = yes
> postscreen_pipelining_enable         = yes
> postscreen_dnsbl_whitelist_threshold = -1
> postscreen_blacklist_action          = drop
>
> postscreen_dnsbl_sites =
>    ... (from previous email)
>
>>> On Dec 2, 2017, at 7:44 PM, Bill Cole
>>> <sausers-20150205@billmail.scconsult.com> wrote:
>>>
>>>> On 2 Dec 2017, at 13:33 (-0500), David Jones wrote:
>>>>
>>>> Then you can start experimenting with RBLs at
>>>> http://multirbl.valli.org/lookup/
>>>
>>> Be VERY careful with that list of DNSBLs. For years they listed and
>>> tested my local, private, never-public DNSBL (which has always had an
>>> external view that "lists the world") despite repeated requests to
>>> stop, resulting in a steady stream of clueless users pleading,
>>> rationalizing, and/or threatening me over their supposed listing. It is
>>> only after I started to give actively hostile answers to external
>>> queries that they took my DNSBL off their lookup page, but they still
>>> ping it every day or so. Apparently, similar sites copied them and some
>>> end users seem to have gotten the bright idea to query the zone,
>>> sometimes in substantial volume.
>>>
>>> The bottom line: before actually *using* any of the DNSBLs you find via
>>> any 3rd-party site, research the list's actual purpose and
>>> availability.
>>>
>>> --
>>> Bill Cole
>>> bill@scconsult.com or billcole@apache.org
>>> (AKA @grumpybozo and many *@billmail.scconsult.com addresses)
>>> Currently Seeking Steady Work: https://linkedin.com/in/billcole
>>
>
>
> --
> David Jones
>



Mime
View raw message