[TriLUG] preferred RBLs?

[Aaron Joyner]

Rick DeNatale wrote:

>On 11/29/05, Corey Mutter <corey at mutternet.com> wrote:
>  
>
>>On Tue, Nov 29, 2005 at 10:17:18AM -0500, Jason Tower wrote:
>>    
>>
>>>anyone have smtp RBLs that they're particularly fond of?
>>>      
>>>
>>I second others' recommendations for sbl-xbl.spamhaus.org.
>>
>>The way I have it set up at my day job, I use MIMEDefang and do the
>>blacklist check in filter_recipient(). It means the list gets checked
>>once per recipient instead of once per connection, but it also means
>>that I can set some addresses (like 'contact' and 'support') to not
>>filter using the blacklist. The machine has a caching DNS server anyway,
>>so no big deal on the DNS load.
>>
>>My Web page referenced in the bounce message given tells people that
>>they can use the contact or support addresses to email us, if they
>>happen to get on the list. So far, in a couple of years, that's only
>>happened once (when an ieee.org mailserver got on XBL because a machine
>>behind their NAT was spewing out viruses...)
>>    
>>
>
>I have to say that I'm a big NON-fan of using RBLs to bounce mail.
>  
>
Kudos to Rick for making the point I'd been meaning to sit down and 
write up in response to this thread.  His response was undoubtedly more 
concise than mine would have been.  :)  As an ISP sysadmin vet of many 
moons, I can't say it loudly enough... don't use RBLs to block mail.  
Assign them a weight in your filtering setup, so you're not throwing 
away mail, at the worst you're filing it into a folder marked RBL or 
Spam or whatever if it matches any of the RBLs, or more reasonably, such 
that you're considering other factors to determine if it's actually 
spam.  Your users (even if that's just you) will thank you (or yourself, 
as the case may be).

Aaron S. Joyner