On 09/16/2017 11:52 AM, Alex wrote:
Hi,
On Sat, Sep 16, 2017 at 9:45 AM, Kevin A. McGrail
<kevin.mcgr...@mcgrail.com> wrote:
Chris & all,
I have opened a bug about this:
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7471
I believe scoring it 0 for now will disable the rule but that's just hiding
the issue.
Thanks for bringing it to the list, Chris.
I'm using b.barracuda.org with postfix. Perhaps you could also use
bb.barracuda.org there as well? Does it make sense to use it for both
SA and postfix?
postscreen_dnsbl_threshold = 8
postscreen_dnsbl_sites =
mykey.zen.dq.spamhaus.net=127.0.0.[10;11]*8
score.senderscore.com=127.0.4.[0..19]*5
score.senderscore.com=127.0.4.[20..29]*4
score.senderscore.com=127.0.4.[30..49]*3
score.senderscore.com=127.0.4.[50..59]*2
score.senderscore.com=127.0.4.[60..69]*1
score.senderscore.com=127.0.4.[70..79]*-1
score.senderscore.com=127.0.4.[80..89]*-2
score.senderscore.com=127.0.4.[90..100]*-3
b.barracudacentral.org*7
mykey.zen.dq.spamhaus.net=127.0.0.[4..7]*6
bl.mailspike.net*4
bl.spamcop.net*4
bl.spameatingmonkey.net*4
mykey.zen.dq.spamhaus.net=127.0.0.3*4
mykey.invaluement.com=127.0.0.2*8
mykey24.invaluement.com=127.0.0.2*6
ubl.unsubscore.com=127.0.0.2*1
list.dnswl.org=127.[0..255].[0..255].0*-2
list.dnswl.org=127.[0..255].[0..255].1*-3
list.dnswl.org=127.[0..255].[0..255].[2..255]*-4
dnsbl.sorbs.net=127.0.0.[10;14]*8
dnsbl.sorbs.net=127.0.0.5*7
dnsbl.sorbs.net=127.0.0.7*4
dnsbl.sorbs.net=127.0.0.6*3
dnsbl.sorbs.net=127.0.0.[8;9]*2
dnsbl.sorbs.net=127.0.0.4*1
In general you should use RBLs in both the MTA and SA for double layers
of protection. With a local caching DNS server, it shouldn't cause
extra DNS queries to authoritative DNS servers. It's possible that a
whitelist in postscreen could let an email past the MTA so you also want
SA to use it in the overall score. Also, SA should be checking RBLs for
proper outbound filtering.
In this case, the b. and bb. were designed for different purposes so I
would leave things as they are which is how I have my settings.
Here are the number of blocked messages by Postfix postscreen the past
week and b.barracudacentral.org is near the top and doing well with a
similar config as above:
zen.spamhaus.org 1439544
sip.invaluement.com 1427555
b.barracudacentral.org 704359
dnsbl.sorbs.net 147540
dnsbl.inps.de 125382
hostkarma.junkemailfilter.com 6219
sip24.invaluement.com 2178
bl.spamcop.net 1515
uri.invaluement.com 1508
Don't point to invaluement.com unless you are paying (very reasonable
price) for a subscription. I have a local rbldnsd authoritative zone.
--
David Jones
