On 04/01/22 13:38, Dominic Raferd wrote:
I haven't tried using the new plug-in with SA, but I have been using
the list in a postfix restriction list (in place of
redacted.dbl.dq.spamhaus.net) on several of my mailservers:
reject_rhsbl_sender
redacted.dbl-beta.dq.spamhaus.net=127.0.[0..2].[0..255]
reject_rhsbl_reverse_client
redacted.dbl-beta.dq.spamhaus.net=127.0.[0..2].[0..255]
reject_rhsbl_helo redacted.dbl-beta.dq.spamhaus.net=127.0.[0..2].[0..255]
Since I started in early December 2021 these restrictions have not
caught any incoming mail, whereas the same but using
dbl.dq.spamhaus.net on another of my mail servers continue to pick up
many (with minimal fps).
Am I doing something wrong, or is this expected behaviour?
Hi,
you are not supposed to use the abused-legit component of DBL in
Postfix, because the target of that DNSBL is to list abused websites
mostly seen in the email body, that are often used as redirectors to
more spammy domains. Doing the rejections your way can unfortunately
only lead to more FPs
The correct way to do it is by checking the URLs in the email body,
either by using our plugin or in some other ways.
--
Best regards,
Riccardo Alfieri
Spamhaus Technology
https://www.spamhaustech.com/
