RBL within MailScanner or SA

Matt Kettler mkettler at EVI-INC.COM
Tue Jun 15 00:22:13 IST 2004

At 05:07 PM 6/14/2004, subscribe wrote:
>I was just wondering if it's smarter to be using SA to check these
>RBLs, where this checks to see if it's on 3 RBLs before marking it.
>Or just whitelist the mailinglist mailserver?
>Any best practices here? I use the default RBLs that are included
>in MailScanner config.

It all depends on your needs and level of trust in the RBLs.

Some good questions to ask yourself would be:
         How severe a problem is it if you have a false positive?
         Is your email used for sales purposes? world-wide sales?
         Is your email only used for a limited set of contacts?
         Do you expect important email from a very wide variety of sources, including possibly shady corners of the net?
         Do you have severe false-negative problems from SA?

I for one do not use any RBLs at the MailScanner level, and do it all via
SA. This is probably the most conservative approach that uses RBLs.

Of course, there are also those who go the other direction and use their RBLs
as SMTP-layer rejection criteria.

The decision between what layer to use RBLs at depends largely on how much
emphasis you want to place on false positive reduction vs false negative

Implementing RBLs in a "one-hit to tag" manner provides a lower
false-negative count, but also increases false-positives relative to just
using them at the SA layer.

Implementing them at the SMTP layer lets you save bandwidth by not
accepting the email, but makes false-positives non-recoverable.

All the approaches have their place, depending on what your needs are.
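
An added illustration, not part of the original post, of the trade-off described in the message above: a constructed six-message sample is run through the three RBL placements (SMTP rejection, one-hit tagging, SA scoring). The per-listing score, the sample messages and all function names are assumptions made for this example.

```python
SA_THRESHOLD = 5.0   # SpamAssassin's default required score
RBL_POINTS = 2.0     # assumed points per RBL listing (illustrative only)

# Constructed sample: (description, is_spam, rbl_hits, content_score),
# where content_score is what SA's non-RBL rules would add up to.
SAMPLE = [
    ("mailing list on a listed server", False, 1, 0.5),
    ("customer on a listed range",      False, 2, 1.5),
    ("ordinary ham",                    False, 0, 0.2),
    ("listed spam, obvious content",    True,  3, 6.0),
    ("listed spam, bland content",      True,  1, 2.0),
    ("unlisted spam, bland content",    True,  0, 3.5),
]

def smtp_reject(hits, content):
    """Any listing refuses the mail during SMTP; the rest is scored on content."""
    if hits >= 1:
        return "rejected"
    return "tagged" if content >= SA_THRESHOLD else "delivered"

def one_hit_tag(hits, content):
    """One listing is enough to tag the accepted mail as spam."""
    return "tagged" if hits >= 1 or content >= SA_THRESHOLD else "delivered"

def sa_scored(hits, content):
    """Listings only add points; the total must reach the SA threshold."""
    total = content + hits * RBL_POINTS
    return "tagged" if total >= SA_THRESHOLD else "delivered"

def evaluate(policy):
    """Count false positives, false negatives and unrecoverable ham."""
    stats = {"fp": 0, "fn": 0, "lost": 0}
    for _desc, is_spam, hits, content in SAMPLE:
        outcome = policy(hits, content)
        if not is_spam and outcome != "delivered":
            stats["fp"] += 1
            if outcome == "rejected":   # never accepted, nothing to release
                stats["lost"] += 1
        elif is_spam and outcome == "delivered":
            stats["fn"] += 1
    return stats

if __name__ == "__main__":
    for policy in (smtp_reject, one_hit_tag, sa_scored):
        print(f"{policy.__name__:12} {evaluate(policy)}")
```

On this sample, one-hit tagging and SMTP rejection produce the same false-positive and false-negative counts, but only SMTP rejection leaves the misclassified ham unrecoverable; SA scoring trades one fewer false positive for one more false negative.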

