[nycbug-talk] Mail Server In CBL List

Francisco Reyes lists at stringsutils.com
Sat Nov 4 17:57:58 EST 2006 

alex at pilosoft.com writes:

> spamhaus SBL is generally sane, although lately its been moving into 
> "collateral damage" direction. nevertheless, it is probably the sanest.

SBL only? not sbl-xbl?

I like psbl, http://psbl.surriel.com, because it is completely based on 
spamtraps.. and you can easily get an IP out automatically.


Funny you mention spamhaus.. after you said cbl was not very good. Spamhaus 
loads the cbl list into one of their lists (I think the sbl-xbl one).


> I can say what *not* to use: SORBS/SPEWS/spamcop.

Add fiveten to the list. I can not but be amazed that people use that at 
all. He would block entire nets because they are owned by a company that he 
believes doesn't fight spam enough.. so you can have THOUSANDS of IPs 
blocked that have never sent any spam.

   
> a) MTA front-end: short (1 minute) greylisting 

I like greylisting, but the amount of broken MTAs out there is pretty scary.
Have you found 1 minute to be effective? Why so low?
  
> c) blacklists

My current home list for RBLs is 
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client bl.csma.biz,
reject_rbl_client dnsbl-2.uceprotect.net,
reject_rbl_client dnsbl-1.uceprotect.net,
reject_rbl_client psbl.surriel.com
reject_rbl_client list.dsbl.org

Good for a home, small company setup... BAD for a large setup with lots of 
virtual domains.

At work I think I use something like
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client psbl.surriel.com


Although I read many complaints about spamcop, I find that  we get 
relatively few complaints about it from users, yet stops a good deal of 
spam.
  
The one RBL that surprised me on how much it caches.. and also the amount of 
complain from users.. is psbl.surriel.com

That RBL is completely based on spamtraps.. and it is very easy to get out.. 
go to a page.. enter IP... yet we get complaints from customers.. who are 
too lazy to read the description on the bounce back and to unsubscribe the 
IP they are trying to get mail from.

Part of the problem with dealing with spam.. is the different levels of 
tolerance from different customers.. Some customers will rather get all the 
spam in the world.. instead of missing emails from customers.. while others 
will rather not get all the mail from people they deal with.. as long as 
they don't get spam.

More information about the talk mailing list