Hi the list, I am posting the results of my tests in order to have fedback/feelings/remarqs. This is not directly spamassassin related, but can be helpful for people (I saw here) wondering if they would used the barracuda DNSBL.
the problem: - I have quite often complaints from my customers about mails they sent not being delivered because of some barracudacentral blocking. the facts: - As an ISP with tens of thounsands users, I have several mail relay plateforms offering smtp on port 587 (and 25 locally), authentication (not yet mandatory), SPF records published for my very own domains. the tests: - I ran a simple bash loop in order to tests my IP addresses (~40000 addresses) against several blacklists. Let me be clear: I admit my whole network (and so customer network) is not perfectly clean, and must include some bots (now or in the past). But results here really look terrible! Here follow the name of the black lists, te number of (black)listed entry, and the errors returned (mostly timout requests) ======== barracuda ======== listed: 7947 errors: 98 total: 38760 ======== sorbs ======== listed: 52 errors: 0 total: 38760 ======== spamhaus ======== listed: 2 errors: 0 total: 38760 ======== xbl ======== listed: 19 errors: 0 total: 38760 ======== cbl ======== listed: 19 errors: 1 total: 38760 When other well known DNSBL (I have always heard spamhaus sbl and xbl are trust worthy) list less at most 50 entries , barrcuda lists almost 8000!!!! Furthermore barracuda blacklists seems to return the very same DNS results whatever the reason of the listing is! Which, if true, does not makes it easy to take a decision of what to do with a mail when DNSBL matched. Finally there is a special feature that barrcuda folks call "deep scanning" which makes the appliance scans the 'Received' headers and reject the mails if an IP found in that headers, is listed in the DNSBL... a feature that should obviously be called: 'even increase my false positive rate' If I were asked to use barracuda bl I would just anwser: "NO WAY!"
