Re: ot: opinions about NiX Spam
On Sat, Mar 20, 2010 at 06:23:32PM -0500, Stan Hoeppner wrote: > Voytek Eymont put forth on 3/20/2010 5:52 PM: > > one of the blacklist I use it is ix.dnsbl.manitu.net > > > > to my knowledge, it has been OK since I've set it up, with no known > > complaints > > > > what is the user's opinions on it's usefulness ? > > This is one of the downsides to fully automated low threshold trap driven > dnsbls. Similar to SORBS, ix.dnsbl.manitu.net will list any IP that sends > over the threshold amount of spam to its traps. I stopped using this dnsbl > long ago for the same reason I stopped using SORBS--too many "FPs" and not > nearly enough blocking of actual spam to justify continued use. > > That said, I only use dnsbls for outright blocking at smtp because I'm > philosophically opposed to content filters such as Spam Assassin. That > said, IMHO, the proper way to use ix.dnsbl.manitu.net, SORBS, and similar > dnsbls is via scoring within something like Spam Assassin, but not for > outright blocking. Using some additional "lesser" BLs works just fine here, I require two to hit (using a policy daemon). I get as many rejects as with ZEN (before that I have many dynamic checks, so it doesn't get much).
Re: ot: opinions about NiX Spam
Am 21.03.2010 00:23, schrieb Stan Hoeppner: > Voytek Eymont put forth on 3/20/2010 5:52 PM: >> one of the blacklist I use it is ix.dnsbl.manitu.net got very less problems with them anyway you can avoid problems with rbls if you use them selective i.e only for 4 dotted reverse hostnames or known dyndns ips etc without loosing much filtering >> >> to my knowledge, it has been OK since I've set it up, with no known >> complaints >> >> what is the user's opinions on it's usefulness ? > > This is one of the downsides to fully automated low threshold trap driven > dnsbls. Similar to SORBS, ix.dnsbl.manitu.net will list any IP that sends > over the threshold amount of spam to its traps. I stopped using this dnsbl > long ago for the same reason I stopped using SORBS--too many "FPs" and not > nearly enough blocking of actual spam to justify continued use. > > That said, I only use dnsbls for outright blocking at smtp because I'm > philosophically opposed to content filters such as Spam Assassin. That > said, IMHO, the proper way to use ix.dnsbl.manitu.net, SORBS, and similar > dnsbls is via scoring within something like Spam Assassin, but not for > outright blocking. > > For quite some time now my other spam countermeasures are so effective that > I'm rarely even querying my configured dnsbls, which are only Spamhaus ZEN > and DBL. I just added DBL recently to test it and it catches a few per day, > same as ZEN. YMMV. > everyone has own spam, and own policy to that i have case where zen is massive helpfull in client stage rbls have their pros and contras everyone is free to use them as he likes -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
Re: ot: opinions about NiX Spam
Voytek Eymont put forth on 3/20/2010 5:52 PM: > one of the blacklist I use it is ix.dnsbl.manitu.net > > to my knowledge, it has been OK since I've set it up, with no known > complaints > > what is the user's opinions on it's usefulness ? This is one of the downsides to fully automated low threshold trap driven dnsbls. Similar to SORBS, ix.dnsbl.manitu.net will list any IP that sends over the threshold amount of spam to its traps. I stopped using this dnsbl long ago for the same reason I stopped using SORBS--too many "FPs" and not nearly enough blocking of actual spam to justify continued use. That said, I only use dnsbls for outright blocking at smtp because I'm philosophically opposed to content filters such as Spam Assassin. That said, IMHO, the proper way to use ix.dnsbl.manitu.net, SORBS, and similar dnsbls is via scoring within something like Spam Assassin, but not for outright blocking. For quite some time now my other spam countermeasures are so effective that I'm rarely even querying my configured dnsbls, which are only Spamhaus ZEN and DBL. I just added DBL recently to test it and it catches a few per day, same as ZEN. YMMV. -- Stan
ot: opinions about NiX Spam
one of the blacklist I use it is ix.dnsbl.manitu.net to my knowledge, it has been OK since I've set it up, with no known complaints what is the user's opinions on it's usefulness ? just in the last two days one user had several valid emails rejected based on NiX Spam bl by the time I looked at rejection listing, one of the IPs was no longer listed # pflogsumm /var/log/maillog* | grep block .. blocked using ix.dnsbl.manitu.net (total: 485) blocked using zen.spamhaus.org (total: 17487) Mar 17 05:14:36 postfix/smtpd[30940]: NOQUEUE: reject: RCPT from smtpout6.poczta.onet.pl[213.180.147.166]: 554 5.7.1 Service unavailable; Client host [213.180.147.166] blocked using ix.dnsbl.manitu.net; Spam sent to the mailhost relay.heise.de was detected by NiX Spam at Tue, 16 Mar 2010 12:36:26 +0100, see http://www.dnsbl.manitu.net/lookup.php?value=213.180.147.166; from= to= proto=ESMTP helo= -- Voytek