>In any case, this rule is blocking 50% of my connections now. What DNSBLs are you using? I spotchecked a few of the hosts you showed in your blog entry, and they're all in the CBL or PBL.
The CBL lists vast numbers of zombies, with essentially no false positives. (It watches mail to large spamtraps and lists hosts that send mail with zombie-ish characteristics). The PBL is Spamhaus' policy block list, including ranges of dynamic and other hosts that shouldn't be sending mail. The Spamhaus ZEN list includes both of them along with the SBL. I'd think that would catch as much spam just as cheaply without the false positives. R's, John
