Re: [exim] DNSBLs

On Wed, 2005-03-23 at 12:30 -0500, Wakko Warner wrote:
> Axel aghi Hollanda wrote:
> > I've heard that zombie.dnsbl.sorbs.net, relays.ordb.org and
> > sbl-xbl.spamhaus.org are good DNSlists to start looking in the rcpt
> > command.
> > Any recommendations or noises using any of those?
>
> I did some tests with relays.ordb.org for a few months at work. Of all the
> RBLs we use, this one would have stopped 2 emails that otherwise would have
> made it through. Not worth it IMO.

we accept 130k messages per day. 90k messages are rejected due to
faulty HELO. we're using CBL as our first DNSBL, it stops 150k messages
per day. ORDB blocks only 2k messages, but I'm sure it would be more if
we switched the order. BLITZED has similar incremental effect as ORDB.

> We use spamcop, xbl+sbl, njabl, dsbl.

we don't use these due to their listing policy[1]. we do penalise the
hosts with delays based on Spamcop (also +3 SA points) and NJABL.
another factor is that XBL+SBL would cost USD 600 per year for us. we
disabled DSBL after they had a DNS outage causing us to reject all
e-mail for a few hours ... other than that we're happy with them, and
we plan to start using them again when we have a dedicated DNSBL name
server operative, it's easier to do sanity checks on the zone files
then.

[1] we've been listed by Spamcop ourselves and I don't regret the
configuration which caused it (a vacation responder sent mail to a
spamtrap). it's almost impossible to avoid being periodically listed
for any medium to large site.

> You may not wish to use spamcop, out of the ones I use, it's least
> recommended, however I still use it. At home, I use the above plus l2
> spews, sorbs and surriel. Plus my own personal blacklists.

a home system can afford to be much more picky, of course.
--
Kjetil T.