On Wed, 3 Aug 2022 at 18:30, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > > On 03.08.22 10:39, Linkcheck wrote: > >I have recently begun getting blocks from dbl.spamhaus.org for "valid" > >email. I thought a single instance was an aberration but in all I've > >seen half a dozen emails blocked - a large number for my small system. > > > >The original setup was... > >============ > >smtpd_helo_restrictions = > > ... > > reject_rhsbl_helo dbl.spamhaus.org > > > >smtpd_sender_restrictions = > > ... > > reject_rhsbl_sender dbl.spamhaus.org > > > >smtpd_recipient_restrictions = > > ... > > reject_rbl_client zen.spamhaus.org > > reject_rhsbl_client dbl.spamhaus.org > >============ > > > >I have now disabled the dbl.spamhaus tests but left in place the > >zen.spamhaus one. > > > >The mail server is an old one, running almost untouched for several > >years. The positioning of the spamhaus tests has not changed in some > >time until now. I am setting up a new server with postfix, > >spamassassin, dovecot etc but it has yet to receive any real mail. > > > >I am concerned that adding spamhaus tests to postfix on the new server > >may be detrimental even though, until now, I have seen no adverse > >reaction. > > > >Spamhaus has a page for setting up postfix and recommends... > >============ > >smtpd_recipient_restrictions = > > ... > > reject_rbl_client zen.spamhaus.org=127.0.0.[2..11] > > reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99] > > reject_rhsbl_helo dbl.spamhaus.org=127.0.1.[2..99] > > reject_rhsbl_reverse_client dbl.spamhaus.org=127.0.1.[2..99] > > warn_if_reject reject_rbl_client zen.spamhaus.org=127.255.255.[1..255] > >============ > > > >Is this a realistic setup? Should there be more, fewer or repositioned > >tests? > > I have moved towards postscreen a long time ago. > > postscreen supports multiple scored blocklists and/or allowlists, block > clients from configured score and with pregreet test helps with blocking > many bots and can even replace greylisting protection. > > http://www.postfix.org/POSTSCREEN_README.html > > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > Posli tento mail 100 svojim znamim - nech vidia aky si idiot > Send this email to 100 your friends - let them see what an idiot you are
This is the right approach. Rgds/DP
