On Sun, May 1, 2016, at 09:34 AM, Alice Wonder wrote:
> I reduced the blacklists I use because every now and then I find my own
> servers on them when I know for a fact there was no unsolicited mail
> from them.

I'm in the same boat -- but typically want to know IF I'm on a list, especially if not legitimately, so I can remediate asap.

> I think what happens is sometimes a Barracuda firewall is mis-configured
> and flags something as spam that isn't and it gets on blacklists as a
> result.

I use postscreen with a multi-DNSBL check, scoring/weighting results. I've certainly found lists that incorrectly have a sender on them, but to date I've never caught a FP where the sender's on multiple, disparate lists.

Fwiw, I found this http://rob0.nodns4.us/postscreen.html to be a great!! guide to thinking it through and setting it up.

> Off topic I'm about to stop using DMARC for the same reason. I'll still
> use SPF and DKIM but with DMARC I end up getting huge amounts of
> notification, largely from mail lists that are posted to, and I almost
> never have gotten a notification that is the result of someone spoofing
> a domain.
>
> I like the concept of DMARC but I think it needs a better implementation.

Hm. I added DMARC a little while ago; opendmarc integrates with Postfix nicely. To date, I've caught a bunch of spoofs, and, so far, have noticed no probs.

As for notifications -- are you getting them in all cases, pass & fail? You can certainly tune the notification policy. For my use, I use DMarcian (https://dmarcian.com/), turn OFF notifications in the PASS case, only notifying in the FAIL case, and regularly monitor @ the DMarcian site to watch what's going in over time.

Jason