Spamhaus has been working fine for me and has been a wonderful resource
for many years, but I recently decided I had to disable using them on my
personal, low volume mail server because of a few recent surprises
(that's right, I don't look at Spamhaus rejects, timestamps are UTC):
Jul 10 22:20:34 mm-new smtpd[28996]: NOQUEUE: reject: RCPT from
s0.eburgsquare.com[104.223.145.19]: 554 5.7.1 Service unavailable; Unverified Client host
[s0.eburgsquare.com] blocked using dbl.spamhaus.org;
https://www.spamhaus.org/query/domain/eburgsquare.com; from=<webmaster1...@eburgsquare.com>
to=<[elided]@milhollan.com> proto=ESMTP helo=<s0.eburgsquare.com>
Jul 13 21:59:33 mm-new smtpd[20435]: NOQUEUE: reject: RCPT from
liaoningosaurus.mktdns.com[192.28.148.54]: 554 5.7.1 Service unavailable; Client host
[192.28.148.54] blocked using sbl-xbl.spamhaus.org;
from=<733-ksk-625.0.175526.0.0.16914.9.10824...@email1.digium.com>
to=<[elided]@milhollan.com> proto=ESMTP helo=<email1.digium.com>
Jul 14 00:13:04 mm-new smtpd[22318]: NOQUEUE: reject: RCPT from
mail-ej1-f68.google.com[209.85.218.68]: 554 5.7.1 Service unavailable; Client host
[209.85.218.68] blocked using sbl-xbl.spamhaus.org;
from=<microsoftsubscription99...@gmail.com> to=<[elided]@milhollan.com> proto=ESMTP
helo=<mail-ej1-f68.google.com>
Jul 14 15:25:30 mm-new smtpd[3627]: NOQUEUE: reject: RCPT from
gk-w94-email.usps.gov[56.0.84.94]: 554 5.7.1 Service unavailable; Client host [56.0.84.94]
blocked using sbl-xbl.spamhaus.org; from=<uspsinformeddeliv...@informeddelivery.usps.com>
to=<[elided]@milhollan.com> proto=ESMTP helo=<gk-w94-email.usps.gov>
Jul 14 22:37:33 mm-new smtpd[10015]: NOQUEUE: reject: RCPT from
my-mail.splashtop.com[34.208.80.28]: 554 5.7.1 Service unavailable; Client host [34.208.80.28]
blocked using sbl-xbl.spamhaus.org; from=<no-re...@my-mail.splashtop.com>
to=<[elided]@milhollan.com> proto=ESMTP helo=<my-mail.splashtop.com>
Jul 15 06:17:18 mm-new smtpd[14530]: NOQUEUE: reject: RCPT from
mta0.tedlarbagsale.com[134.73.145.18]: 554 5.7.1 Service unavailable; Unverified Client host
[mta0.tedlarbagsale.com] blocked using dbl.spamhaus.org;
https://www.spamhaus.org/query/domain/tedlarbagsale.com;
from=<webmaster4...@tedlarbagsale.com> to=<[elided]@milhollan.com> proto=ESMTP
helo=<mta0.tedlarbagsale.com>
Jul 15 10:00:11 mm-new smtpd[3294]: NOQUEUE: reject: RCPT from mx.mailop.org[91.132.147.157]:
554 5.7.1 Service unavailable; Client host [91.132.147.157] blocked using sbl-xbl.spamhaus.org;
from=<mailop-boun...@mailop.org> to=<[elided]@milhollan.com> proto=ESMTP
helo=<mx.mailop.org>
Both DBL rejections look to be spam. But all but 1 of these SBL-XBL
rejections were non-spam (I know those senders and want their messages)
so for me are false-positives -- the Gmail rejection looks like spam (I
don't know that sender). 16 rejections (9 good rejections not shown)
between Jul 10 00:00Z and Jul 15 10:20Z, 4 of which were not appropriate
makes for a not good ratio.
Manually checking the SBL-XBL rejections on the mail server shortly
after the last rejection yielded null/NXDOMAIN responses via DNS using
getent/dig and showed "no issues" via the Spamhaus web site reputation
center. I use my own local resolver (unbound 1.13.1) with no forwarders
configured.
/mark
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
