On 2018-03-02 12:09, MRob wrote:
> Asking for opinions about postwhite.
> https://github.com/stevejenkins/postwhite
> Below is the default whitelist domains. It's nice idea, but what about
> the time when spammers got hold of 10.000 hotmail accounts?
> OTOH this is only for postscreen and not whitelisted your antispam
> engine so seems like a good idea. Really like to know arguments
> against using this, please speak up.
> webmail_hosts="aol.com google.com microsoft.com outlook.com
> hotmail.com gmx.com icloud.com mail.com inbox.com zoho.com
> fastmail.com"
> social_hosts="facebook.com facebookmail.com twitter.com pinterest.com
> instagram.com tumblr.com reddit.com linkedin.com"
> commerce_hosts="craigslist.org amazon.com ebay.com paypal.com"
> bulk_hosts="sendgrid.com sendgrid.net mailchimp.com exacttarget.com
> cust-spf.exacttarget.com constantcontact.com icontact.com mailgun.com
> fishbowl.com fbmta.com mailjet.com sparkpost.com sparkpostmail.com"
> misc_hosts="zendesk.com github.com"


Can't really say anything against using postwhite. So these are my

I have started using it some time ago. I have noticed that some provides
use some kind of SPF rotation daily (???) and rotate between IPv6
subnets. So it is important to run it periodically to update the file.
It might be good to implement rounding to the nearest /64 or even /56
for efficiency, but I didn't have a chance to look into that.

Other than that, I am using the generated list to whitelist postscreen
and some custom filtering that forces greylisting and honeypot checks as

My main observation is that senders included in the default list you
posted will pass postscreen anyway and additional benefit is to exclude
them from RBL checks because vast majority of users would like to still
allow them, even if they hit some RBLs from time to time.

The additional benefit is huge saving on DNS queries and (for me)
avoiding greylisting if some otherwise good server finds it's way to

I also added some hosts to my list from banks, Amazon SES etc. I have
about 800 lines in the generated file, which is reasonable. I have about
60-75% passing connections whitelisted now.


Karol Augustin
+353 85 775 5312

Reply via email to