On Tue, Jun 2, 2015 at 2:33 AM, furio ercolessi <furio...@spin.it> wrote:
> > Their recommended setting is > > reject_rhsbl_client dbl.spamhaus.org=127.0.1.[2..99], > reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99], > reject_rhsbl_helo dbl.spamhaus.org=127.0.1.[2..99] > > Return codes above 127.0.1.100 are the "abused legit" codes, > referring to good domains that were hacked by spammers, > typically to host bad contents on the web site. > So you apply the whole of DBL on content scanning, but limit > yourself to the real bad domains on the SMTP checks, > otherwise you increase the risk of false positives with > probably little benefit. > > Also, it is always a good idea to include a range check > for the return code, so also zen.spamhaus.org=127.0.0.[2..255] > won't hurt. Thanks. So: reject_rbl_client zen.spamhaus.org=127.0.0.[2..255], reject_rhsbl_client dbl.spamhaus.org=127.0.1.[2..99], reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99], reject_rhsbl_helo dbl.spamhaus.org=127.0.1.[2..99], Better? SteveJ