On 2018-03-02 07:24, Dominic Raferd wrote:
On 1 March 2018 at 23:24, J Doe <gene...@nativemethods.com> wrote:
I know there are a number of lists of publicly available DNS BL’s but
is there a list of BL’s that have a low false-positive history ? I’m
aware that false positives do happen, but blacklisting Gmail seems to
be avoidable.
For external rbls this is what I currently use (extract from
smtpd_recipient_restrictions list in main.cf, not postscreen), I have
not been made aware of any false positives in a long time. Suggestions
for improvement welcome:
...
permit_dnswl_client hostkarma.junkemailfilter.com=127.0.0.1
permit_dnswl_client list.dnswl.org=127.0.[0..255].[1..3]
permit_dnswl_client white.uribl.com
reject_rbl_client zen.spamhaus.org
reject_rbl_client dyna.spamrats.com
reject_rbl_client noptr.spamrats.com
reject_rbl_client hostkarma.junkemailfilter.com=127.0.0.2
reject_rbl_client bad.psky.me=127.0.0.3
https://www.spamhaus.org/organization/statement/015/fraudulent-dnsbl-uncovered-protected-sky-bad.psky.me
reject_rbl_client truncate.gbudb.net
reject_rhsbl_helo dbl.spamhaus.org
Doesn't zen contain everything you need from spamhaus?
reject_rhsbl_sender dbl.spamhaus.org
reject_rhsbl_reverse_client dbl.spamhaus.org
reject_rhsbl_helo uribl.spameatingmonkey.net
reject_rhsbl_sender uribl.spameatingmonkey.net
reject_rhsbl_reverse_client uribl.spameatingmonkey.net
reject_rhsbl_helo black.uribl.com
reject_rhsbl_sender black.uribl.com
reject_rhsbl_reverse_client black.uribl.com
reject_rbl_client dnsbl.cobion.com
reject_rbl_client b.barracudacentral.org
# stop here for some recipients
check_recipient_access
hash:/etc/postfix/recipients_with_less_aggressive_rbl
reject_rhsbl_helo multi.surbl.org
reject_rhsbl_sender multi.surbl.org
reject_rhsbl_reverse_client multi.surbl.org
reject_rbl_client psbl.surriel.com
...
