Re: [Exim] Testing rbl_domains

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Tabor J. Wells
Datum:  
To: PEAR Bruntjen
CC: Exim-Users@Exim. Org
Betreff: Re: [Exim] Testing rbl_domains
On Wed, Jan 23, 2002 at 08:43:54AM -0800,
PEAR Bruntjen <ericb@???> is thought to have said:

>
> Hello:
>
> Can anybody supply an IP known to be in the blackholes.mail-abuse.org list?
> I've setup exim with the following:
>
> rbl_domains = blackholes.mail-abuse.org/reject
> rbl_reject_recipients = true
>
>
> But spam still gets through and the reject logs are empty (although none
> that I've been able to find in the list). I don't know if my spam filtering
> is working. I need an IP to test using exim -bh.
>
> Thanks
>
> Eric Bruntjen
> ericb@???


You can always test any of the blackhome lists with 127.0.0.2

Note however that all of the mail-abuse.org lists are subscription only now.
So unelss you're paying them for the service, it won't work. See their
website for details.

Also as a practical measure, blocking using the MAPS RBL doesn't actually
stop much spam. Historically it's been used more as a big stick against
those who are spam friendly rather than being effective against the spammers
who move from throwaway account to throwaway account and forge, relay,
proxy, etc their spam off of other people's servers.

Depending on how aggressive you want to be, I'd recommend using an Open
Relay blacklist (see www.ordb.org, www.orbz.org, relays.visi.com, or
relays.osirusoft.com) and supplementing it with a dynamic dialup blacklist
(dialups.relays.osirusoft.com or dynablock.wirehub.net) and possibly
something more aggressive like SPEWS (see spews.org)

I'd also recommend supplementing the rbl-based blocks with some of your own
rules in a system filter to catch common spam signatures, etc.

Tabor

--
--------------------------------------------------------------------
Tabor J. Wells                                     twells@???
Fsck It!                 Just another victim of the ambient morality