I use this list for postscreen, big list. Use with care, this one is customized for my needs.
The why to cidr's in the access list. The first is manualy maintaint. The second cidr and spamhous drop are auto updated by script. Greetz, Louis postscreen_greet_banner = $myhostname, checking blacklists, please wait. postscreen_greet_action = drop postscreen_greet_wait = 3s postscreen_greet_ttl = 2d postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/personal/postscreen_access_list.cidr, # personal white/black list. pcre:/etc/postfix/personal/postscreen_access_list-reject.fqrdns.pcre # faulty rdns record list, like hosters with dynamic ips. cidr:/etc/postfix/personal/postscreen_access_list-drop.spamhaus-lasso.cidr # Spamhaus DROP List postscreen_whitelist_interfaces = $mynetworks, static:all postscreen_blacklist_action = drop postscreen_dnsbl_reply_map = pcre:/etc/postfix/personal/postscreen_dnsbl_reply_map.pcre # customized reply. postscreen_dnsbl_action = enforce postscreen_dnsbl_ttl = 2h postscreen_dnsbl_threshold = 4 postscreen_dnsbl_threshold = 4 postscreen_dnsbl_sites = zen.spamhaus.org*4 b.barracudacentral.org*4 bad.psky.me*4 dnsbl.cobion.com*2 bl.spameatingmonkey.net*2 fresh.spameatingmonkey.net*2 cbl.anti-spam.org.cn=127.0.8.2*2 dnsbl.kempt.net*1 dnsbl.inps.de*2 bl.spamcop.net*2 srn.surgate.net=127.0.0.2 spam.dnsbl.sorbs.net*1 rbl.rbldns.ru*2 psbl.surriel.com*2 bl.mailspike.net*2 rep.mailspike.net=127.0.0.[13;14]*1 bl.suomispam.net*2 bl.blocklist.de*2 ix.dnsbl.manitu.net*2 dnsbl-2.uceprotect.net dnsbl.justspam.org=127.0.0.2*2 all.s5h.net=127.0.0.2*2 hostkarma.junkemailfilter.com=127.0.0.[2;4]*2 rbl.abuse.ro=127.0.0.[2;4]*2 dnsbl.spfbl.net=127.0.0.[2;4]*2 # No RDNS dnsbl.spfbl.net=127.0.0.3*1 hostkarma.junkemailfilter.com=127.0.0.3*1 # whitelists swl.spamhaus.org*-6 dnswl.spfbl.net=127.0.0.[2;3;4]*-3 list.dnswl.org=127.0.[0..255].[2;3]*-4 rep.mailspike.net=127.0.0.[17;18]*-1 rep.mailspike.net=127.0.0.[19;20]*-2 hostkarma.junkemailfilter.com=127.0.0.1*-4 nobl.junkemailfilter.com=127.0.0.5*-4 # > -----Oorspronkelijk bericht----- > Van: postfixlists-070...@billmail.scconsult.com > [mailto:owner-postfix-us...@postfix.org] Namens Bill Cole > Verzonden: dinsdag 6 maart 2018 15:44 > Aan: Postfix users > Onderwerp: Re: manitu.net RBL, opinions? Re: postwhite? (why not?) > > On 6 Mar 2018, at 1:26, MRob wrote: > > > On 2018-03-05 18:05, Bill Cole wrote: > >>> Would you mind sharing which RBLs you recommend to use in > >>> postscreen? > >> > >> postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.2*2 > >> zen.spamhaus.org=127.0.0.3*2 zen.spamhaus.org=127.0.0.4*2 > >> zen.spamhaus.org=127.0.0.10*2 zen.spamhaus.org=127.0.0.11*2 > >> psbl.surriel.com=127.0.0.2*1 ix.dnsbl.manitu.net=127.0.0.2*1 > > > > I just learned of manitu.net RBL is it helpful? > > Obviously I find it so... > > > Bill you don't use things like barracuda.net, spamcop, > whatever that > > monkey one is, mailspike. > > Not in postscreen (for the reasons previously cited) nor in > smtpd. I do > use the DNSBLs that SpamAssassin supports by default, but with score > adjustments. > > > Is manitu a good replacement for all those? > > No. It IS a good source of spam sources targeting primarily but not > exclusively European mailboxes, many of which show up on the > manitu list > (a.k.a. "NiX Spam") hours before they appear in Zen. > > -- > Bill Cole > b...@scconsult.com or billc...@apache.org > (AKA @grumpybozo and many *@billmail.scconsult.com addresses) > Currently Seeking Steady Work: https://linkedin.com/in/billcole > >