I have recently begun getting blocks from dbl.spamhaus.org for "valid"
email. I thought a single instance was an aberration but in all I've
seen half a dozen emails blocked - a large number for my small system.
The original setup was...
============
smtpd_helo_restrictions =
...
reject_rhsbl_helo dbl.spamhaus.org
smtpd_sender_restrictions =
...
reject_rhsbl_sender dbl.spamhaus.org
smtpd_recipient_restrictions =
...
reject_rbl_client zen.spamhaus.org
reject_rhsbl_client dbl.spamhaus.org
============
I have now disabled the dbl.spamhaus tests but left in place the
zen.spamhaus one.
The mail server is an old one, running almost untouched for several
years. The positioning of the spamhaus tests has not changed in some
time until now. I am setting up a new server with postfix, spamassassin,
dovecot etc but it has yet to receive any real mail.
I am concerned that adding spamhaus tests to postfix on the new server
may be detrimental even though, until now, I have seen no adverse reaction.
Spamhaus has a page for setting up postfix and recommends...
============
smtpd_recipient_restrictions =
...
reject_rbl_client zen.spamhaus.org=127.0.0.[2..11]
reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99]
reject_rhsbl_helo dbl.spamhaus.org=127.0.1.[2..99]
reject_rhsbl_reverse_client dbl.spamhaus.org=127.0.1.[2..99]
warn_if_reject reject_rbl_client zen.spamhaus.org=127.255.255.[1..255]
============
Is this a realistic setup? Should there be more, fewer or repositioned
tests?
I am prepared to dump them all and rely on spamassassin but I'd prefer
to remove spam/viruses as early as feasible.
