[CDBUG-talk] sorbs.net blacklist too aggressive? (fwd)

Jaime jaime at snowmoon.com
Tue Oct 4 06:45:00 EDT 2016


Back when I ran my own email server, I used Postfix.  I compared the rate of blocking by postgrey verses the RBLs and found that most of the blocking was due to postgrey.  So I highly recommend using it and suspect you could do a mostly decent job without SORBS, if you used postgrey and maybe amavisd-new with ClamAV (running freshclamd to keep the malware definitions current) and maybe one or two other RBLs.

That said, SMTP was designed to handle occasional outages and I found that Google actively worked to correct issues that resulted in RBL listings.  So when one of their many IPs ended up blocked, it was usually removed by the next day.  If you "soft fail" (so to speak) RBL matches, the messages will eventually arrive. They'll just be delayed to a level that most users find unacceptable these days.  So you can pick your poison, I suppose.

One word of warning, though.  Postgrey introduces a delay to message delivery at first.  As the servers that you interact with the most get whitelisted, that will mostly stop.  I find that most institutions will have a set of places that they interact with commonly.  Those will be remembered by postgrey pretty well and allowed in without delay.  Any new IPs will have this delay the first few times they send to your postfix installation.  At least, I'm pretty sure that was a side effect of the way postgrey worked. It has been about 7+ years, so my memory is a little fuzzy on that part.

Jaime



More information about the CDBUG-talk mailing list