Spam Blacklists: Useful or Useless?

Discussion in 'General' started by ZeroEnna, Oct 6, 2016.

  1. ZeroEnna

    ZeroEnna Member

    Hey guys,
    I'm facing a MASSIVE spam amount despite greylisting and stuff, and I wonder, if SBLs could help in this. On one hand, it's quite an interesting thing, I mean, you don't have to tag all spam yourself, you just query a database in the internet and poof, a large amound of spam is just gone.
    On the other hand, I also heard that these blacklists don't work very reliable, and produce a significant amount of false positives resulting in "valid" mails being rejected by the mailserver.

    So, I would like to know from you the best practice: Use SBLs or just rely on your local Amavis DB.

    Thank you in Advanced
    Regards

    Zero
     
  2. sjau

    sjau Local Meanie Moderator

    I use several blacklists. My current config looks like:

    Code:
            reject_rbl_client zen.spamhaus.org,
            reject_rbl_client blackholes.easynet.nl,
            reject_rbl_client proxies.blackholes.wirehub.net,
            reject_rbl_client bl.spamcop.net,
            reject_rhsbl_sender dbl.spamhaus.org,
            reject_rhsbl_reverse_client dbl.spamhaus.org,
    
     
  3. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    If you have a reasonably current postfix version and your customers all send mail on port 587, not port 25, take a look at postscreen which can use multiple weighted dnsbls to help with exactly this. Then you could need to match several lower-quality dnsbls to get blocked, or one high quality list might do it. There is sample config at https://git.ispconfig.org/ispconfig/ispconfig3/issues/4239 (note you need to remove the MYDOMAIN.COM lines, or replace with your own).

    Spam prevention is multi-layered, and white/black lists are certainly useful to include.
     

Share This Page