On Tue, Jun 2, 2015 at 2:33 AM, furio ercolessi <furio...@spin.it> wrote:
>
> Their recommended setting is
>
> reject_rhsbl_client dbl.spamhaus.org=127.0.1.[2..99],
> reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99],
> reject_rhsbl_helo dbl.spamhaus.org=127.0.1.[2..99]
>
> Return codes above 127.0.1.100 are the "abused legit" codes,
> referring to good domains that were hacked by spammers,
> typically to host bad contents on the web site.
> So you apply the whole of DBL on content scanning, but limit
> yourself to the real bad domains on the SMTP checks,
> otherwise you increase the risk of false positives with
> probably little benefit.
>
> Also, it is always a good idea to include a range check
> for the return code, so also zen.spamhaus.org=127.0.0.[2..255]
> won't hurt.
Thanks. So:
reject_rbl_client zen.spamhaus.org=127.0.0.[2..255],
reject_rhsbl_client dbl.spamhaus.org=127.0.1.[2..99],
reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99],
reject_rhsbl_helo dbl.spamhaus.org=127.0.1.[2..99],
Better?
SteveJ
