On 26 May 2018, at 23:27, Voytek <li...@sbt.net.au> wrote:
> On Sun, May 27, 2018 3:22 am, /dev/rob0 wrote:
> 
>> The obvious solution, if dnsbl.spfbl.net is blocking real mail, is to
>> stop using that list, or possibly to lower its score below your [unstated]
>> threshold score.
> 
> Thanks for all replies and comments!
> 
> I guess my starting point should be that, lower the score ?

No, your starting point should be to not use an RBL if you don’t know what it 
is doing. Blacklisting a domain for not having a valid rDNS is something you 
can do right in postfix, without needing to reach out to an RBL.

reject_unknown_reverse_client_hostname or reject_unknown_client_hostname, but 
these have significant impact on some servers for legitimate mail. You can 
search the archives (or google) for various discussions on these two settings, 
how they differ, and which you might want to use, if either.

> postscreen_dnsbl_sites = zen.spamhaus.org*5, psbl.surriel.com*2,
> bl.spamcop.net*2, dnsbl.spfbl.net*2,
> db.wpbl.info, dnsbl.dronebl.org, pofon.foobar.hu,
> bl.ipv6.spameatingmonkey.net*2,dnsbl6.anticaptcha.net,
> bl.spameatingmonkey.net*2, bl.mailspike.net, b.barracudacentral.org*2,
> dnsbl.sorbs.net, ubl.unsubscore.com, truncate.gbudb.net,
> list.dnswl.org*-3, zz.countries.nerd.dk=127.0.3.58*-1

Treating all replies from the RBLs as the same is, IMHO, a mistake.

This is what I have:

postscreen_dnsbl_threshold = 9
postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[4..11]*9
    hostkarma.junkemailfilter.com=127.0.0.2*5
    zen.spamhaus.org=127.0.0.[2..3]*4
    hostkarma.junkemailfilter.com=127.0.0.3*2
    hostkarma.junkemailfilter.com=127.0.2.1*4
    hostkarma.junkemailfilter.com=127.0.2.2*2
    hostkarma.junkemailfilter.com=127.0.0.2*4
    hostkarma.junkemailfilter.com=127.0.1.2*4
    hostkarma.junkemailfilter.com=127.0.0.1*-4
    hostkarma.junkemailfilter.com=127.0.0.5*-2
    hostkarma.junkemailfilter.com=127.0.2.3*-2


For example, I score zen differently for 127.0.0.2-3 (much lower) than for 
4-11. (.2 is the SBL which hits more ‘false’ positives than the other for my 
mailstream and .3 is similar) while 4-11 are servers that should never be 
sending mail (DHCP ISP machines, exploited servers, etc).

I *do not* recommend you copy/paste these into your setup. For one thing, I 
haven’t evaluated them in quite a while since zen hits nearly everything that 
gets blocked, so I’m not really sure how the downstream ones are performing 
right now, but mostly because every server is a bit different.

-- 
Like the moment when the brakes lock/And you slide towards the big
truck/You stretch the frozen moments with your fear

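Added example, not part of the original message and not Postfix code: a small Python model of how postscreen combines domain=filter*weight entries into one score and compares it with postscreen_dnsbl_threshold, using the configuration quoted in the message above. The DNSBL replies passed to it are constructed, and all function names are hypothetical.

```python
import re

# Threshold and entries as quoted in the message above.
THRESHOLD = 9
SITES = """
zen.spamhaus.org=127.0.0.[4..11]*9
hostkarma.junkemailfilter.com=127.0.0.2*5
zen.spamhaus.org=127.0.0.[2..3]*4
hostkarma.junkemailfilter.com=127.0.0.3*2
hostkarma.junkemailfilter.com=127.0.2.1*4
hostkarma.junkemailfilter.com=127.0.2.2*2
hostkarma.junkemailfilter.com=127.0.0.2*4
hostkarma.junkemailfilter.com=127.0.1.2*4
hostkarma.junkemailfilter.com=127.0.0.1*-4
hostkarma.junkemailfilter.com=127.0.0.5*-2
hostkarma.junkemailfilter.com=127.0.2.3*-2
"""

def parse_sites(text):
    """Split comma/whitespace separated domain[=filter][*weight] entries."""
    entries = []
    for item in re.split(r"[,\s]+", text.strip()):
        m = re.fullmatch(r"([^=*]+)(?:=([^*]+))?(?:\*(-?\d+))?", item)
        if not m:
            raise ValueError(f"bad entry: {item!r}")
        domain, flt, weight = m.groups()
        entries.append((domain, flt, int(weight) if weight else 1))  # default weight 1
    return entries

def octet_matches(pattern, value):
    """pattern is a number or [..] holding ';'-separated numbers or a..b ranges."""
    ranges = (p.partition("..") for p in pattern.strip("[]").split(";"))
    return any(int(lo) <= value <= int(hi or lo) for lo, _, hi in ranges)

def filter_matches(flt, reply):
    """No filter means any non-error reply counts as a match."""
    if flt is None:
        return True
    pats = re.findall(r"\[[^\]]*\]|\d+", flt)
    octets = [int(o) for o in reply.split(".")]
    return len(pats) == 4 and all(octet_matches(p, o) for p, o in zip(pats, octets))

def score(entries, replies):
    """replies: {domain: [A records]} (constructed). Each entry counts at most once."""
    return sum(w for d, f, w in entries
               if any(filter_matches(f, r) for r in replies.get(d, [])))

def blocked(entries, replies, threshold=THRESHOLD):
    return score(entries, replies) >= threshold  # threshold is an inclusive bound
```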