Recommended spam.lists and/or sendmail dnsbl settings?

Steve Freegard steve.freegard at fsl.com
Thu Dec 6 10:46:05 GMT 2007


Joost Waversveld wrote:
> Scott Silva wrote:
>> on 12/4/2007 5:57 PM Budi Febrianto spake the following:
>>> Scott Silva wrote:
>>>>> This is what I currently have in sendmail.mc
>>>>>
>>>>> FEATURE(`dnsbl',`sbl-xbl.spamhaus.org', `"554 Rejected " 
>>>>> $&{client_addr} " - see http://www.spamhaus.org/SBL/"')dnl
>>>>> FEATURE(`dnsbl', `dnsbl.njabl.org', `"554 Rejected " 
>>>>> $&{client_addr} " - see http://dnsbl.njabl.org/method.html"')dnl
>>>>> FEATURE(`dnsbl', `bl.spamcop.net',         `"554 Rejected " 
>>>>> $&{client_addr} " found in bl.spamcop.net"')dnl
>>>>> FEATURE(`dnsbl', `chinanet.blackholes.us', `"554 Rejected " 
>>>>> $&{client_addr} " found in chinanet.blackholes.us"')dnl
>>>>>
>>>>>
>>>>>
>>>> If you put your spamhaus lookups at the bottom, you will generate 
>>>> less traffic to them. The sendmail RBL lookups are serial and stop 
>>>> on the first positive.
>>> ah, so if I put zen.spamhaus.org at the bottom of the list, it will 
>>> reduce a lot of query to spamhaus, so I should be safe ( I hope so).
>>> I will put bl.spamcop.net at first, and  two or three others before 
>>> zen.spamhaus.org.
>>>
>> Spamcop will probably catch a large portion, at least 60% or better.
>> You could also put cbl.abuseat.org before spamhaus, even if it is a 
>> double lookup, because that list is a significant portion of the zen 
>> list, and will cut lookups to zen even more.
>>
> Because of your message I was looking on the website of the 
> cbl.abuseat.org and founf on http://cbl.abuseat.org/faq.html the 
> following text:
> ------------------------------------------------------------------------------------------
> If you wish to download the CBL zone, YOU MUST register
> 
> WARNING: it is CBL policy that spam filter and spam filter service 
> vendors MUST obtain a paid-for feed from Spamhaus. Filter providers that 
> do not have a paid-for feed from Spamhaus, or who have not registered 
> for the CBL feed, MAY find themselves inhibited from obtaining a CBL 
> feed without warning.
> ------------------------------------------------------------------------------------------
> 
> I do not know how they count the connections to the servers, but 
> officially you will still need an paid-for feed from Spamhaus.
> 

That text is talking about downloading the *zone file* via rsync, not 
querying the public mirrors.

Regards,
Steve.


More information about the MailScanner mailing list