Re: [Exim] Black lists

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Kevin W. Reed
Date:  
À: exim-users
Sujet: Re: [Exim] Black lists
Jez Hancock said:
> Ah so you don't use RBLs in Exim? That is one solution I suppose for
> one of the other recent posts on the list by someone who was finding
> performance degraded because they were using a large number of RBLs in a
> dnslist in their Exim config - just use spamd for your RBL checking.


Ones configuration depends on ones needs and requirements... I don't
think there is a one size fits all.

In the several completely different configuations that I use, there are a
number of other simple checks that can be done before doing rbl looks that
will preclude ever getting that far for a large number of rejectable
connections. I prefer to do the rbls before using SA to cut down on the
systems use of SA to keep the load down. I see SA as an expensive
resource that I only want to use for mail that is going to actually get
delivered (except for gross high scores).

I've not had a problem with false positives for a while with the RBL's I
am using and have a small white list to get around the ones that have
remained a problem in the past.

Allowing postmaster through despite an RBL block and having something in
the the deny message indicating that if they are having a problem to
contact the postmaster seems to work well.

Of course I have an rbl-always for those sites stupid enough to spam the
postmaster account. Those are the only drops that I do in the ACL Connect
area.

The same goes for using Clam AV. I have a number of checks before reaching
that point that normally precude the use of Clam AV at all, yet most of
the comon virus stuff is blocked just fine.

Reviewing the logs on a regular basis helps see what is and isn't working
to allow for slight adjustments as necessary.

--
Kevin W. Reed - TNET Services, Inc.
Mailing List Account
URL: http://www.tnet.com Support Forums: http://www.tnet.com/forum