David and Noel, thanks for the pointer how to trace mails. Victor -- good catch. I don't remember how I came up with the old ordb.org. I looked up https://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists and it's not even listed there.
The following URLs were useful to compare size and effectiveness of blacklists: http://www.sdsc.edu/~jeff/spam/Blacklists_Compared.html http://stats.uceprotect.net/?page=cw In particular the second, since it also contains false positives (and false negatives?). I personally don't like greylisting (if only because I don't want to wait when subscribing to this list, or receiving your useful replies ;)) My ideal configuration would be as follow: - Check 2 or 3 larger DNS blacklists. - If it is positive match, greylist. If not, allow the mail right away. - Add a header with the result of the blacklisting (so spamassassin can add some points, without doing the lookup again, if it comes through the greylist the second time) Is this possible? Add a greylist is easy with postgrey and something like: smtpd_restriction_classes = greylist greylist = check_policy_service inet:127.0.0.1:10023 reject_rbl_client doesn't work, since it rejects the mail instead of flag it for the above "greylist" class. I guess I can write a custom script and use check_policy_service. Would something along these lines already exist? So far I found http://www.sr71.net/scripts/greylist/, but I rather have postgrey handle the Greylisting. (I'm sure it is easy enough to create a policy script, it is just that I never done it before, and it's always useful to see a working example, especially when I like to see two actions -- add header and greylist.). Thanks a lot, Freek
