Hi, >> I'm using zen.spamhaus.org in postscreen and,
Where can I find information on postscreen? >> reject_rbl_client bl.spamcop.net >> reject_rbl_client bogons.cymru.com I would also be interested in info on using the bogons list here. How does that apply here, considering it's not very effective to spoof the source of an email that you'd actually like to be delivered in the first place, no? > smtpd_recipient_restrictions = > ... > reject_rbl_client zen.spamhaus.org > reject_rhsbl_client dbl.spamhaus.org > reject_rhsbl_sender dbl.spamhaus.org > reject_rhsbl_helo dbl.spamhaus.org I'm familiar with zen, but I believe the dbl is relatively new, correct? What other URI BL lists do people use? Can these postfix restrictions be used with older versions of postfix? I have a few systems with older versions and can't upgrade right now. > I reject most spam via other methods, mostly pcre/regex and cidr tables. My Can you tell me more about rejecting using cidr tables? Do you mean the bogon list or ASN numbers? I seem to remember a downloadable list of the top 10 ASNs that could be used to add weight to an SA score. > dnsbl queries reject less than 1% of my spam load. Plug the following > dynamic/generic rdns regex table into your Postfix configuration and see if But isn't it really a subset of just downloading a current zen zone and querying against that? How do you update it? Manually? That doesn't sound feasible for a larger network or without having some type of procedure for keeping it updated surrounding it. What type of network do you have it running on? > it catches some spam for you. It does a good job here. Given its size I'd > recommend running it (and all your map files) via proxymap. Ask here if Can you include information on proxymap and postfix for me to read? > This regex file is free for anyone to use if you wish to. The FP rate > should be zero since it matches only dynamic/generic rdns names. I guess that depends on what you consider a FP, right? IOW, I'm not currently outright rejecting mail from unknown hosts, and it's very likely that some road-warriors could be sending from their desktops, and that would impact them here, right? Lots of questions, so I sure appreciate your help. Thanks again! Best regards, Alex
