Recommended spam.lists and/or sendmail dnsbl settings?

Wed Dec 5 22:11:37 GMT 2007

on 12/5/2007 4:39 AM Peter Farrow spake the following:
> Steve Freegard wrote:
>> Duncan, Brian M. wrote:
>>> I guess it is the case that everyone has different needs.
>>
>> Yup - most definitely.
>>
>>> We never reject messages at the MTA level. (Well actually messages that
>>> are destined to users that do not have valid MS Exchange SMTP records
>>> are rejected, so I guess never is not correct, but that is the only case
>>> we reject at the edge)
>>
>> Count yourself very lucky then - I've worked with many companies in 
>> the  past that had similar policies. They got so much junk they were 
>> adding extra MailScanner servers or upgrading existing machines every 
>> 6 months or so to attempt to keep up with the load that this imposed 
>> on them.
>>
>>> RBL's tend to be a love/hate thing.  We love them, based on the fact
>>> that we still deliver every failed RBL message to the users Junk Mail
>>> folder. (Giving them the option to "white list" in outlook RBL'ed
>>> sources.
>>
>> Yes - but in the case of Spamhaus (which is why people like them) if 
>> you do some analysis you'll find that unless you've got horsepower, 
>> disk space (and the associated money) to burn it isn't worth 
>> delivering these messages.
>>
>> From the last SpamAssassin mass-check network tests run:
>>
>> xbl.spamhaus.org hit on 68.7% of spam messages and 0.0033% non-spam 
>> messages (3 out of 90160 non-spam messages)
>>
>> pbl.spamhaus.org hit on 61% of spam messages and 0.43% non-spam (390 
>> out of 90160 non-spam messages)
>>
>> sbl.spamhaus.org hit on 1.26% of spam message and 0.0388% non-spam (35 
>> out of 90160 non-spam messages)
>>
>> Based on those stats - I love RBLs too as that tells me that I could 
>> potentially gain 70% efficiency by rejecting them before they get to 
>> MailScanner.
>>
>>> Given that Mailscanner allows "high scoring treatment" on RBL checked
>>> messages, and then the capability to set the intended actions (including
>>> delivery) I would think the extra control over RBL behavior could allow
>>> even finer tuning in some environments.
>>
>> I agree - everyone has different requirements and I think checking the 
>> Spam Lists in order and stopping at the first hit would make sense 
>> from an efficiency point of view.
>>
>> Cheers,
>> Steve.
> For me,
> 
> If a sender/relay is listed on an RBL I reject it before it gets to 
> MailScanner.  The sender knows they've been rejected so they can talk to 
> their ISP or IT dept to fix the problem.   Personally I see no need to 
> even consider email from somebody who relayed through a blacklisted 
> server.  This has not caused any complaints from my clients.
> 
> Regards
> 
> Pete
> 
> 
And for a critical host, whitelisting can be done while they fix their mess. 
But not indefinitely. If they don't care to fix it, they shouldn't be running 
a mailserver. I have even helped some of our business partners that had 
systems set up by clueless or under trained people.
You always get the Mom and Pop shop that let their nephew Jimmy set up their 
mail server because they didn't know any better. Most laymen think that e-mail 
is like putting a postal mailbox in front of your house, and waiting for the 
postman to stop. Although in some ways it is...have you seen the volume of 
"spam" in your snail-mail box?


-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!