On 15.12.2014 18:38 UK Time, Reindl Harald wrote:
Am 15.12.2014 um 19:20 schrieb Herbert Eppel:
On 15.12.2014 18:02 UK Time, Reindl Harald wrote:
besides that using RBL scoring and wise filters for dynamic PTRs and
invalid HELO names *before* SA on the MTA level should reject most spam
without false positives
3 months:
* 250000 delivered ham messages
* 850000 MTA level rejects
* 32000 SA hits
Thanks for your reply, but I'm afraid as an ordinary SA user with
limited knowledge of these matters I have, quite frankly, no idea what
you are talking about.
Don't hesitate to tell me to RTFM, but if you feel like elaborating a
little, ideally in an 'acronym-free environment', I would be grateful.
for postfix just Google for the parameters below and read
http://www.postfix.org/POSTSCREEN_README.html which will kill 90% of all
junk before it ever touchs the expensive content filter
since only the dialup-balcklists have the reject score of 8 and all
others need at least confirmation based on trust-level of the RBL
combined with some whitelists you achieve both:
* large amount of catches
* avoid false positives
this like "127.0.0.[4..7]" are the RBL response codes of aggregated
lists which has the benefit postscreen needs only do a single dns lookup
and weight the results (RTFM of the RBL's itself)
postscreen_dnsbl_ttl = 5m
postscreen_dnsbl_threshold = 8
postscreen_dnsbl_action = enforce
postscreen_greet_action = enforce
postscreen_dnsbl_sites =
dnsbl.sorbs.net=127.0.0.10*8
zen.spamhaus.org=127.0.0.[10;11]*8
b.barracudacentral.org=127.0.0.2*7
dnsbl.inps.de=127.0.0.2*7
dnsbl.sorbs.net=127.0.0.5*7
zen.spamhaus.org=127.0.0.[4..7]*7
zen.spamhaus.org=127.0.0.3*5
bl.mailspike.net=127.0.0.2*5
bl.mailspike.net=127.0.0.[10;11;12]*4
bl.spamcop.net=127.0.0.2*4
bl.spameatingmonkey.net=127.0.0.[2;3]*4
dnsrbl.swinog.ch=127.0.0.3*4
zen.spamhaus.org=127.0.0.2*3
dnsbl.sorbs.net=127.0.0.7*3
dnsbl.sorbs.net=127.0.0.8*2
dnsbl.sorbs.net=127.0.0.6*2
dnsbl.sorbs.net=127.0.0.9*2
wl.mailspike.net=127.0.0.[18;19;20]*-2
list.dnswl.org=127.0.[0..255].0*-2
list.dnswl.org=127.0.[0..255].1*-3
list.dnswl.org=127.0.[0..255].2*-4
list.dnswl.org=127.0.[0..255].3*-5
Thanks for your further reply, but all this stuff is quite new to me,
and I'm quite mystified by it, to be honest.
Grüße nach Wien
Herbert Eppel
www.HETranslation.co.uk