Hey guys, I'm facing a MASSIVE spam amount despite greylisting and stuff, and I wonder, if SBLs could help in this. On one hand, it's quite an interesting thing, I mean, you don't have to tag all spam yourself, you just query a database in the internet and poof, a large amound of spam is just gone. On the other hand, I also heard that these blacklists don't work very reliable, and produce a significant amount of false positives resulting in "valid" mails being rejected by the mailserver. So, I would like to know from you the best practice: Use SBLs or just rely on your local Amavis DB. Thank you in Advanced Regards Zero
I use several blacklists. My current config looks like: Code: reject_rbl_client zen.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client proxies.blackholes.wirehub.net, reject_rbl_client bl.spamcop.net, reject_rhsbl_sender dbl.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org,
If you have a reasonably current postfix version and your customers all send mail on port 587, not port 25, take a look at postscreen which can use multiple weighted dnsbls to help with exactly this. Then you could need to match several lower-quality dnsbls to get blocked, or one high quality list might do it. There is sample config at https://git.ispconfig.org/ispconfig/ispconfig3/issues/4239 (note you need to remove the MYDOMAIN.COM lines, or replace with your own). Spam prevention is multi-layered, and white/black lists are certainly useful to include.