RBLS

Discussion:

RBLS

Philip Parsons

2014-05-09 19:03:36 UTC

I do not want to kick of the discussion about where to use RBLS as we have all read them before, but I am interested in knowing if you are one of the people that use the RBLS within mailscanner instead of the MTA which ones are you using and getting the most results from ?

Thank you.
Philip Parsons
IT and Telecommunication Specialist
Techeez IT Consulting
250-818-2879
Skype ID: techeez
www.techeez.com "Making IT easy"

IMPORTANT NOTICE
This e-mail is confidential, may be legally privileged, and is for the intended recipient only. Access, disclosure, copying and distribution or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and e-mail confirmation to the sender.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140509/c88da9c1/attachment.html

Jeremy McSpadden

2014-05-09 19:15:45 UTC

Permalink

MTA time is better, doesn't use up useless CPU cycles for MS.

Zen, Barracuda, PSBL .. Are usually safe

--
Jeremy McSpadden
Flux Labs | http://www.fluxlabs.net | Endless Solutions
Office : 850-250-5590x501<tel:850-250-5590;501> | Cell : 850-890-2543<tel:850-890-2543> | Fax : 850-254-2955<tel:850-254-2955>

On Fri, May 9, 2014 at 12:14 PM -0700, "Philip Parsons" <pparsons at techeez.com<mailto:pparsons at techeez.com>> wrote:

I do not want to kick of the discussion about where to use RBLS as we have all read them before, but I am interested in knowing if you are one of the people that use the RBLS within mailscanner instead of the MTA which ones are you using and getting the most results from ?

Thank you.
Philip Parsons
IT and Telecommunication Specialist
Techeez IT Consulting
250-818-2879
Skype ID: techeez
www.techeez.com "Making IT easy"

IMPORTANT NOTICE
This e-mail is confidential, may be legally privileged, and is for the intended recipient only. Access, disclosure, copying and distribution or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and e-mail confirmation to the sender.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140509/156f47b5/attachment.html

Terry Hulen Jr

2014-05-09 19:34:25 UTC

Permalink

What Jeremy said...

Post by Jeremy McSpadden
MTA time is better, doesn't use up useless CPU cycles for MS.
Zen, Barracuda, PSBL .. Are usually safe
--
Jeremy McSpadden
Flux Labs | http://www.fluxlabs.net | Endless Solutions
Office : 850-250-5590x501 | Cell : 850-890-2543 | Fax : 850-254-2955
On Fri, May 9, 2014 at 12:14 PM -0700, "Philip Parsons"
I do not want to kick of the discussion about where to use RBLS as we have
all read them before, but I am interested in knowing if you are one of the
people that use the RBLS within mailscanner instead of the MTA which ones
are you using and getting the most results from ?
Thank you.
Philip Parsons
IT and Telecommunication Specialist
Techeez IT Consulting
250-818-2879
Skype ID: techeez
www.techeez.com "Making IT easy"
IMPORTANT NOTICE
This e-mail is confidential, may be legally privileged, and is for the
intended recipient only. Access, disclosure, copying and distribution or
reliance on any of it by anyone else is prohibited and may be a criminal
offence. Please delete if obtained in error and e-mail confirmation to the
sender.
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!

Alex Neuman

2014-05-09 20:14:39 UTC

Permalink

Plus, if your MTA is properly set it'll give legitimate senders enough
information to get themselves off the RBL.

*Alex Neuman van der Hans*Reliant Technologies / Vida Digital
http://vidadigital.com.pa/

Mobile: +507-6781-9505
Work: +507-832-6725
Work (USA): +1-440-253-9789

Follow *@AlexNeuman <https://twitter.com/alexneuman>* on Twitter
Like Vida Digital <https://facebook.com/vidadigital/> on Facebook
Follow VidaDigital <http://instagram.com/vidadigital> on Instagram
Subscribe to Vida Digital <https://youtube.com/reliantpty> on Youtube

Post by Jeremy McSpadden
MTA time is better, doesn't use up useless CPU cycles for MS.
Zen, Barracuda, PSBL .. Are usually safe
--
Jeremy McSpadden
Flux Labs | http://www.fluxlabs.net | Endless Solutions
Office : 850-250-5590x501 <850-250-5590;501> | Cell : 850-890-2543 | Fax
: 850-254-2955
On Fri, May 9, 2014 at 12:14 PM -0700, "Philip Parsons" <
I do not want to kick of the discussion about where to use RBLS as we
have all read them before, but I am interested in knowing if you are one of
the people that use the RBLS within mailscanner instead of the MTA which
ones are you using and getting the most results from ?
Thank you.
Philip Parsons
IT and Telecommunication Specialist
Techeez IT Consulting
250-818-2879
Skype ID: techeez
www.techeez.com "Making IT easy"
IMPORTANT NOTICE
This e-mail is confidential, may be legally privileged, and is for the
intended recipient only. Access, disclosure, copying and distribution or
reliance on any of it by anyone else is prohibited and may be a criminal
offence. Please delete if obtained in error and e-mail confirmation to the
sender.
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140509/539aeaa8/attachment.html

Jeremy McSpadden

2014-05-09 19:47:36 UTC

Permalink

One thing to keep in mind with RBLs, are DNS queries. It is not recommended to use public DNS servers. (Google/open dns) Run bind/named/dnsmasq/tinydns locally. Also, you won't really gain anything by having too many RBLs .. You'll just up the processing time and queries.

--
Jeremy McSpadden
Flux Labs | http://www.fluxlabs.net | Endless Solutions
Office : 850-250-5590x501<tel:850-250-5590;501> | Cell : 850-890-2543<tel:850-890-2543> | Fax : 850-254-2955<tel:850-254-2955>

On Fri, May 9, 2014 at 12:14 PM -0700, "Philip Parsons" <pparsons at techeez.com<mailto:pparsons at techeez.com>> wrote:

I do not want to kick of the discussion about where to use RBLS as we have all read them before, but I am interested in knowing if you are one of the people that use the RBLS within mailscanner instead of the MTA which ones are you using and getting the most results from ?

Thank you.
Philip Parsons
IT and Telecommunication Specialist
Techeez IT Consulting
250-818-2879
Skype ID: techeez
www.techeez.com "Making IT easy"

IMPORTANT NOTICE
This e-mail is confidential, may be legally privileged, and is for the intended recipient only. Access, disclosure, copying and distribution or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and e-mail confirmation to the sender.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140509/3e2bab7d/attachment.html

Alex Neuman

2014-05-09 23:51:42 UTC

Permalink

Been there, done that. In my experience dnsmasq has a good light/powerful
balance.

*Alex Neuman van der Hans*Reliant Technologies / Vida Digital
http://vidadigital.com.pa/

Mobile: +507-6781-9505
Work: +507-832-6725
Work (USA): +1-440-253-9789

Follow *@AlexNeuman <https://twitter.com/alexneuman>* on Twitter
Like Vida Digital <https://facebook.com/vidadigital/> on Facebook
Follow VidaDigital <http://instagram.com/vidadigital> on Instagram
Subscribe to Vida Digital <https://youtube.com/reliantpty> on Youtube

Post by Jeremy McSpadden
One thing to keep in mind with RBLs, are DNS queries. It is not
recommended to use public DNS servers. (Google/open dns) Run
bind/named/dnsmasq/tinydns locally. Also, you won't really gain anything by
having too many RBLs .. You'll just up the processing time and queries.
--
Jeremy McSpadden
Flux Labs | http://www.fluxlabs.net | Endless Solutions
Office : 850-250-5590x501 <850-250-5590;501> | Cell : 850-890-2543 | Fax
: 850-254-2955
On Fri, May 9, 2014 at 12:14 PM -0700, "Philip Parsons" <
I do not want to kick of the discussion about where to use RBLS as we
have all read them before, but I am interested in knowing if you are one of
the people that use the RBLS within mailscanner instead of the MTA which
ones are you using and getting the most results from ?
Thank you.
Philip Parsons
IT and Telecommunication Specialist
Techeez IT Consulting
250-818-2879
Skype ID: techeez
www.techeez.com "Making IT easy"
IMPORTANT NOTICE
This e-mail is confidential, may be legally privileged, and is for the
intended recipient only. Access, disclosure, copying and distribution or
reliance on any of it by anyone else is prohibited and may be a criminal
offence. Please delete if obtained in error and e-mail confirmation to the
sender.
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140509/c7ba2a4e/attachment.html

Jonas Akrouh Larsen

2014-05-14 08:59:57 UTC

Permalink

This part I do not agree with. Unless you think all RBL's contains more or less the same IP's, its pretty obvious that your protection improves with more RBL's.

Also unless you have resource contention in regards to multiple threads, the slowness RBL's introduce doesn't matter, and the system is just waiting for a response from the network, which almost doesn't consume any system resources.

Personally I have RBL's in both the MTA and in mailscanner. In the MTA I greylist based on a few very trustworthy RBL's and in mailscanner I score based on ohh I don't know 10-20 RBL's. It allows you to have a much more fine-tuned system instead of blocking based on a single RBL at the SMTP level.

The advantage of having them in mailscanner is mainly that you can whitelist senders, the disadvantage is that senders aren't told that they are listed (but since all the RBL's I use are public db's used in thousands of systesm I trust somebody else will let them know soon enough :) )

Med venlig hilsen / Best regards
?
Jonas Akrouh Larsen
?
TechBiz ApS
Laplandsgade 4, 2. sal
2300 K?benhavn S
?
Office: 7020 0979
Direct: 3336 9974
Mobile: 5120 1096
Web: www.techbiz.dk

Peter Farrow

2014-05-14 09:23:53 UTC

Permalink

I have to agree with Jonas... I have about 6 Blacklists I routinely use...

P.

Post by Jonas Akrouh Larsen

This part I do not agree with. Unless you think all RBL's contains more or less the same IP's, its pretty obvious that your protection improves with more RBL's.
Also unless you have resource contention in regards to multiple threads, the slowness RBL's introduce doesn't matter, and the system is just waiting for a response from the network, which almost doesn't consume any system resources.
Personally I have RBL's in both the MTA and in mailscanner. In the MTA I greylist based on a few very trustworthy RBL's and in mailscanner I score based on ohh I don't know 10-20 RBL's. It allows you to have a much more fine-tuned system instead of blocking based on a single RBL at the SMTP level.
The advantage of having them in mailscanner is mainly that you can whitelist senders, the disadvantage is that senders aren't told that they are listed (but since all the RBL's I use are public db's used in thousands of systesm I trust somebody else will let them know soon enough :) )
Med venlig hilsen / Best regards
Jonas Akrouh Larsen
TechBiz ApS
Laplandsgade 4, 2. sal
2300 K?benhavn S
Office: 7020 0979
Direct: 3336 9974
Mobile: 5120 1096
Web: www.techbiz.dk

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140514/a988ed58/attachment.html

Terry Hulen Jr

2014-05-14 13:25:13 UTC

Permalink

I do not believe that anyone is wrong in this thread. I have ~3-5 DNSBLs
that I use. All of these are utilized at the MTA and I also use
Greylisting. I am using postfix as my MTA.

With all of that being said...

The poster's original question was if I used RBLs with MS, the answer is
that I have never needed to. I save machine resources by catching the
offenders early in the process and if they cannot make it past the MTA,
they cannot get to MS anyway.

Post by Peter Farrow
I have to agree with Jonas... I have about 6 Blacklists I routinely use...
P.
One thing to keep in mind with RBLs, are DNS queries. It is not recommended
to use public DNS servers. (Google/open dns) Run
bind/named/dnsmasq/tinydns locally. Also, you won't really gain anything by
having too many RBLs .. You'll just up the processing time and queries.
This part I do not agree with. Unless you think all RBL's contains more or less the same IP's, its pretty obvious that your protection improves with more RBL's.
Also unless you have resource contention in regards to multiple threads, the slowness RBL's introduce doesn't matter, and the system is just waiting for a response from the network, which almost doesn't consume any system resources.
Personally I have RBL's in both the MTA and in mailscanner. In the MTA I greylist based on a few very trustworthy RBL's and in mailscanner I score based on ohh I don't know 10-20 RBL's. It allows you to have a much more fine-tuned system instead of blocking based on a single RBL at the SMTP level.
The advantage of having them in mailscanner is mainly that you can whitelist senders, the disadvantage is that senders aren't told that they are listed (but since all the RBL's I use are public db's used in thousands of systesm I trust somebody else will let them know soon enough :) )
Med venlig hilsen / Best regards
Jonas Akrouh Larsen
TechBiz ApS
Laplandsgade 4, 2. sal
2300 K?benhavn S
Office: 7020 0979
Direct: 3336 9974
Mobile: 5120 1096
Web: www.techbiz.dk
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140514/ee1b6064/attachment.html

Philip Parsons

2014-05-14 16:29:27 UTC

Permalink

Actually the original question was if you use them which ones do you use ? and have had the greatest success with. Hahaha I also said I did not want to kick off the discussion again which has gone through the list many many times?

I am just looking for some suggestions to what lists to use.

From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Terry Hulen Jr
Sent: May-14-14 6:25 AM
To: MailScanner discussion
Subject: Re: RBLS

I do not believe that anyone is wrong in this thread. I have ~3-5 DNSBLs that I use. All of these are utilized at the MTA and I also use Greylisting. I am using postfix as my MTA.
With all of that being said...
The poster's original question was if I used RBLs with MS, the answer is that I have never needed to. I save machine resources by catching the offenders early in the process and if they cannot make it past the MTA, they cannot get to MS anyway.

On Wed, May 14, 2014 at 5:23 AM, Peter Farrow <peter at farrows.org<mailto:peter at farrows.org>> wrote:
I have to agree with Jonas... I have about 6 Blacklists I routinely use...

P.

On 14/05/2014 09:59, Jonas Akrouh Larsen wrote:

One thing to keep in mind with RBLs, are DNS queries. It is not recommended

to use public DNS servers. (Google/open dns) Run

bind/named/dnsmasq/tinydns locally. Also, you won't really gain anything by

having too many RBLs .. You'll just up the processing time and queries.

This part I do not agree with. Unless you think all RBL's contains more or less the same IP's, its pretty obvious that your protection improves with more RBL's.

Also unless you have resource contention in regards to multiple threads, the slowness RBL's introduce doesn't matter, and the system is just waiting for a response from the network, which almost doesn't consume any system resources.

Personally I have RBL's in both the MTA and in mailscanner. In the MTA I greylist based on a few very trustworthy RBL's and in mailscanner I score based on ohh I don't know 10-20 RBL's. It allows you to have a much more fine-tuned system instead of blocking based on a single RBL at the SMTP level.

The advantage of having them in mailscanner is mainly that you can whitelist senders, the disadvantage is that senders aren't told that they are listed (but since all the RBL's I use are public db's used in thousands of systesm I trust somebody else will let them know soon enough :) )

Med venlig hilsen / Best regards

Jonas Akrouh Larsen

TechBiz ApS

Laplandsgade 4, 2. sal

2300 K?benhavn S

Office: 7020 0979

Direct: 3336 9974

Mobile: 5120 1096

Web: www.techbiz.dk<http://www.techbiz.dk>

--
MailScanner mailing list
mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!

--
This message has been scanned for viruses and
dangerous content by MailScanner<http://www.mailscanner.info/>, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140514/4eb78e5f/attachment.html

Terry Hulen Jr

2014-05-14 16:56:50 UTC

Permalink

"but I am interested in knowing if you are one of the people that use the
RBLS within mailscanner instead of the MTA which ones are you using and
getting the most results from ?"

b.barracudacentral.org
zen.spamhaus.org
bl.spamcop.net

Post by Philip Parsons
Actually the original question was if you use them which ones do you use
? and have had the greatest success with. Hahaha I also said I did not
want to kick off the discussion again which has gone through the list many
many times?
I am just looking for some suggestions to what lists to use.
mailscanner-bounces at lists.mailscanner.info] *On Behalf Of *Terry Hulen Jr
*Sent:* May-14-14 6:25 AM
*To:* MailScanner discussion
*Subject:* Re: RBLS
I do not believe that anyone is wrong in this thread. I have ~3-5 DNSBLs
that I use. All of these are utilized at the MTA and I also use
Greylisting. I am using postfix as my MTA.
With all of that being said...
The poster's original question was if I used RBLs with MS, the answer is
that I have never needed to. I save machine resources by catching the
offenders early in the process and if they cannot make it past the MTA,
they cannot get to MS anyway.
I have to agree with Jonas... I have about 6 Blacklists I routinely use...
P.
One thing to keep in mind with RBLs, are DNS queries. It is not recommended
to use public DNS servers. (Google/open dns) Run
bind/named/dnsmasq/tinydns locally. Also, you won't really gain anything by
having too many RBLs .. You'll just up the processing time and queries.
This part I do not agree with. Unless you think all RBL's contains more or less the same IP's, its pretty obvious that your protection improves with more RBL's.
Also unless you have resource contention in regards to multiple threads, the slowness RBL's introduce doesn't matter, and the system is just waiting for a response from the network, which almost doesn't consume any system resources.
Personally I have RBL's in both the MTA and in mailscanner. In the MTA I greylist based on a few very trustworthy RBL's and in mailscanner I score based on ohh I don't know 10-20 RBL's. It allows you to have a much more fine-tuned system instead of blocking based on a single RBL at the SMTP level.
The advantage of having them in mailscanner is mainly that you can whitelist senders, the disadvantage is that senders aren't told that they are listed (but since all the RBL's I use are public db's used in thousands of systesm I trust somebody else will let them know soon enough :) )
Med venlig hilsen / Best regards
Jonas Akrouh Larsen
TechBiz ApS
Laplandsgade 4, 2. sal
2300 K?benhavn S
Office: 7020 0979
Direct: 3336 9974
Mobile: 5120 1096
Web: www.techbiz.dk
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!
--
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
believed to be clean.
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140514/9c4338dd/attachment.html

Alex Crow

2014-05-14 18:53:19 UTC

Permalink

I'd not use spamcop in an MTA. Too unreliable for an outright reject as
it's based on their users' opinions of what is SPAM and what is not.
Unsurprisingly a lot of IPs are blacklisted in SpamCop just because
someone signed up for the service, subscribed to something, and then
instead of addressing that problem reported it to SpamCop,

Zen and Sorbs will kill a lot, add greylisting and rejecting mail for
unknown users and it's as good as Gmail for spamlessness.

We tried it and had a lot of customer complaints so now we just use it
for a moderate + score in MS.

Cheers

Post by Philip Parsons
Actually the original question was if you use them which ones do you
use ? and have had the greatest success with. Hahaha I also said I
did not want to kick off the discussion again which has gone through
the list many many times...
I am just looking for some suggestions to what lists to use.
*From:*mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] *On Behalf Of
*Terry Hulen Jr
*Sent:* May-14-14 6:25 AM
*To:* MailScanner discussion
*Subject:* Re: RBLS
I do not believe that anyone is wrong in this thread. I have ~3-5
DNSBLs that I use. All of these are utilized at the MTA and I also
use Greylisting. I am using postfix as my MTA.
With all of that being said...
The poster's original question was if I used RBLs with MS, the answer
is that I have never needed to. I save machine resources by catching
the offenders early in the process and if they cannot make it past the
MTA, they cannot get to MS anyway.
On Wed, May 14, 2014 at 5:23 AM, Peter Farrow <peter at farrows.org
I have to agree with Jonas... I have about 6 Blacklists I
routinely use...
P.
One thing to keep in mind with RBLs, are DNS queries. It is not recommended
to use public DNS servers. (Google/open dns) Run
bind/named/dnsmasq/tinydns locally. Also, you won't really gain anything by
having too many RBLs .. You'll just up the processing time and queries.
This part I do not agree with. Unless you think all RBL's contains more or less the same IP's, its pretty obvious that your protection improves with more RBL's.
Also unless you have resource contention in regards to multiple threads, the slowness RBL's introduce doesn't matter, and the system is just waiting for a response from the network, which almost doesn't consume any system resources.
Personally I have RBL's in both the MTA and in mailscanner. In the MTA I greylist based on a few very trustworthy RBL's and in mailscanner I score based on ohh I don't know 10-20 RBL's. It allows you to have a much more fine-tuned system instead of blocking based on a single RBL at the SMTP level.
The advantage of having them in mailscanner is mainly that you can whitelist senders, the disadvantage is that senders aren't told that they are listed (but since all the RBL's I use are public db's used in thousands of systesm I trust somebody else will let them know soon enough :) )
Med venlig hilsen / Best regards
Jonas Akrouh Larsen
TechBiz ApS
Laplandsgade 4, 2. sal
2300 K?benhavn S
Office: 7020 0979
Direct: 3336 9974
Mobile: 5120 1096
Web:www.techbiz.dk <http://www.techbiz.dk>
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
<mailto:mailscanner at lists.mailscanner.info>
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
<http://wiki.mailscanner.info/posting>
Support MailScanner development - buy the book off the website!
--
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140514/50215ba9/attachment.html

Terry Hulen Jr

2014-05-14 19:26:31 UTC

Permalink

I use those 3 in order. I have not had an issue with spamcop blocking
something that it shouldn't. Barracuda grabs the majority (due to it being
the first one) of spammers so I do not have to worry about whitelisting. I
have this theory (and I do not recommend anyone else following it), IF you
end up on Barracuda's list, you probably deserved it. I haven't seen many
false positives from Barraucda or ZEN.

Post by Alex Crow
I'd not use spamcop in an MTA. Too unreliable for an outright reject as
it's based on their users' opinions of what is SPAM and what is not.
Unsurprisingly a lot of IPs are blacklisted in SpamCop just because someone
signed up for the service, subscribed to something, and then instead of
addressing that problem reported it to SpamCop,
Zen and Sorbs will kill a lot, add greylisting and rejecting mail for
unknown users and it's as good as Gmail for spamlessness.
We tried it and had a lot of customer complaints so now we just use it for
a moderate + score in MS.
Cheers
Actually the original question was if you use them which ones do you use
? and have had the greatest success with. Hahaha I also said I did not
want to kick off the discussion again which has gone through the list many
many times?
I am just looking for some suggestions to what lists to use.
*From:* mailscanner-bounces at lists.mailscanner.info [
mailto:mailscanner-bounces at lists.mailscanner.info<mailscanner-bounces at lists.mailscanner.info>]
*On Behalf Of *Terry Hulen Jr
*Sent:* May-14-14 6:25 AM
*To:* MailScanner discussion
*Subject:* Re: RBLS
I do not believe that anyone is wrong in this thread. I have ~3-5 DNSBLs
that I use. All of these are utilized at the MTA and I also use
Greylisting. I am using postfix as my MTA.
With all of that being said...
The poster's original question was if I used RBLs with MS, the answer is
that I have never needed to. I save machine resources by catching the
offenders early in the process and if they cannot make it past the MTA,
they cannot get to MS anyway.
I have to agree with Jonas... I have about 6 Blacklists I routinely use...
P.
One thing to keep in mind with RBLs, are DNS queries. It is not recommended
to use public DNS servers. (Google/open dns) Run
bind/named/dnsmasq/tinydns locally. Also, you won't really gain anything by
having too many RBLs .. You'll just up the processing time and queries.
This part I do not agree with. Unless you think all RBL's contains more or less the same IP's, its pretty obvious that your protection improves with more RBL's.
Also unless you have resource contention in regards to multiple threads, the slowness RBL's introduce doesn't matter, and the system is just waiting for a response from the network, which almost doesn't consume any system resources.
Personally I have RBL's in both the MTA and in mailscanner. In the MTA I greylist based on a few very trustworthy RBL's and in mailscanner I score based on ohh I don't know 10-20 RBL's. It allows you to have a much more fine-tuned system instead of blocking based on a single RBL at the SMTP level.
The advantage of having them in mailscanner is mainly that you can whitelist senders, the disadvantage is that senders aren't told that they are listed (but since all the RBL's I use are public db's used in thousands of systesm I trust somebody else will let them know soon enough :) )
Med venlig hilsen / Best regards
Jonas Akrouh Larsen
TechBiz ApS
Laplandsgade 4, 2. sal
2300 K?benhavn S
Office: 7020 0979
Direct: 3336 9974
Mobile: 5120 1096
Web: www.techbiz.dk
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!
--
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
believed to be clean.
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140514/7edec0c6/attachment.html

Alex Crow

2014-05-14 19:00:30 UTC

Permalink

Post by Jonas Akrouh Larsen
The advantage of having them in mailscanner is mainly that you can

whitelist senders,

You can whitelist pretty much anything in your MTA too before an RBL
lookup happens. I'm speaking for postfix but if the other big ones don't
allow you to say "this host is OK, SPF pass is OK, DKIM pass is OK"
before hitting an RBL they are a pretty poor MTA!

Tracy Greggs

2014-05-09 22:17:00 UTC

Permalink

I would totally agree with the previous responses.

The one big advantage to using them with SA however is you can whitelist
senders rather easily with MailWatch or Baruwa that would otherwise get
scored high enough to be quarantined where that is not so easy when used at
the MTA level. But as previously stated, at the cost of CPU cycles etc.

You might also want to consider something like rbldnsd on your server if you
desire to implement your own RBL as well.

If you want to go the rbldnsd route and need any help with it, feel free to
msg me off list.

Regards,

Tracy Greggs

Oklahoma Network Consulting

From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Philip
Parsons
Sent: Friday, May 09, 2014 2:04 PM
To: MailScanner discussion
Subject: RBLS

I do not want to kick of the discussion about where to use RBLS as we have
all read them before, but I am interested in knowing if you are one of the
people that use the RBLS within mailscanner instead of the MTA which ones
are you using and getting the most results from ?

Thank you.
Philip Parsons
IT and Telecommunication Specialist

Techeez IT Consulting

250-818-2879

Skype ID: techeez
www.techeez.com "Making IT easy"

IMPORTANT NOTICE
This e-mail is confidential, may be legally privileged, and is for the
intended recipient only. Access, disclosure, copying and distribution or
reliance on any of it by anyone else is prohibited and may be a criminal
offence. Please delete if obtained in error and e-mail confirmation to the
sender.
--
This message has been scanned for viruses and
dangerous content by <http://www.mailscanner.info/> MailScanner, and is
believed to be clean.

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140509/49875a68/attachment-0001.html

Continue reading on narkive:

Search results for 'RBLS' (Questions and Answers)

replies

WHY IS THE ROYAL BRITISH LEGION SCOTLAND HIDING THE NOW KNOWN FACT OF FRAUD ?

started 2008-11-23 17:27:19 UTC

current events

replies

Is Quibids a scam? The bid is in pennies, but each penny costs $.60?

started 2012-10-05 20:43:47 UTC

business & finance

replies

Is this a legit website or a scam.? http://www.freetouchcase.com/?