Jose Alberto a écrit :
> Greetings list.
>
> I am activating the check through blacklists (RBL) for receipt of
> mail, you can find many on the web, in fact place as a top 5, but
> first he had not placed let emails come even as hotmail, yahoo, gmail,
> among others. If it got to the final 2 below:
>
> smtpd_recipient_restrictions =
> ...
> ...
> reject_rbl_client sbl.spamhaus.org,
> reject_rbl_client list.dsbl.org,
dsbl is dead.
> ...
> ...
> permit
>
> My question is to see what I recommended for urls reject_rbl_client in
> place, if you need more than that I have there? alone or with just
> one?, what?
>
Rule 1: go for quality, not for quantity. don't try to maximize the
number of DNSBLs (and more generally, don't try to maximize the number
of checks that you use).
regerding DNSBLs,
reject_rbl_client zen.spamhaus.org
should be enough.
other lists are either unsafe (block legitimate mail) or don't block
much spam (that is not blocked by zen).
leave the messages that are not blocked by postfix to a spam filter
(spamassassin for example). some DNSBLs are better used in a score based
system such as spamassassin.
anyway, when you decide to use a DNSBL, check it. for a list
"some.domain.tld", the following tests are a minimum:
$ host 2.0.0.127.some.domain.tld
should return a result (127.0.0.2 should be listed)
$ host 1.0.0.127.some.domain.tld
should return NXDOMAIN (127.0.0.1 should not be listed).
of course, it is your job to check that the DNSBL policy matches your
site policy. so visit the DNSBL web site. if you can't find enough
infos, ignore it.
