RBLS

Jonas Akrouh Larsen jonas at vrt.dk
Wed May 14 09:59:57 IST 2014


> One thing to keep in mind with RBLs, are DNS queries. It is not recommended
> to use public DNS servers. (Google/open dns) Run
> bind/named/dnsmasq/tinydns locally. Also, you won't really gain anything by
> having too many RBLs .. You'll just up the processing time and queries.

This part I do not agree with. Unless you think all RBL's contains more or less the same IP's, its pretty obvious that your protection improves with more RBL's.

Also unless you have resource contention in regards to multiple threads, the slowness RBL's introduce doesn't matter, and the system is just waiting for a response from the network, which almost doesn't consume any system resources.

Personally I have RBL's in both the MTA and in mailscanner. In the MTA I greylist based on a few very trustworthy RBL's and in mailscanner I score based on ohh I don't know 10-20 RBL's. It allows you to have a much more fine-tuned system instead of blocking based on a single RBL at the SMTP level.

The advantage of having them in mailscanner is mainly that you can whitelist senders, the disadvantage is that senders aren't told that they are listed (but since all the RBL's I use are public db's used in thousands of systesm I trust somebody else will let them know soon enough :) )


Med venlig hilsen / Best regards
 
Jonas Akrouh Larsen
 
TechBiz ApS
Laplandsgade 4, 2. sal
2300 København S
 
Office: 7020 0979
Direct: 3336 9974
Mobile: 5120 1096
Web: www.techbiz.dk




More information about the MailScanner mailing list