At 9:07 AM -0400 10/20/06, Roger Moffat imposed structure on a
stream of electrons, yielding:
Hi List
Well after 6-7 years of using SIMS without any kind of Spam
filtering on incoming messages I've decided I want to try and set
this up.
I have a "small" setup - 14 addresses at 1 domain - with less than
10 of them actively used, but the signal to noise ratio is now very
very low - in excess of 90% (perhaps even 95%) of the messages are
spam.
The SIMS help manual says "Consult with your provider about the best
RBL server available".
<PEDANTRY>
RBL is a trademark of Trend Micro, who bought the remnants and
intellectual property of the old MAPS operation last year. The RBL
(for "Realtime Blackhole List") was the first such list to use DNS
for queries from mail servers. The more correct generic term is
"DNSBL" which refers to the whole range of hundreds of address lists
queriable in the same manner as the old RBL. The RBL itself is still
available if you pay Trend Micro for access.
</PEDANTRY>
Is there one or two "best" blacklists I should enter into the
appropriate place in SIMS?
The best single list for coverage and lack of collateral damage is
the Spamhaus combined SBL+XBL. See
http://www.spamhaus.org/sbl/howtouse.html for details. The head of
Spamhaus, Steve Linford, has been a SIMS user and was a member of
this list for many years and may still be reading here. I doubt that
anyone still using SIMS has enough mail flow to make the paid data
feed of the SBL+XBL necessary, and you should have no problem using
it via DNS queries.
You should note that in order to use any DNSBL you need to have the
addresses that it returns (e.g. 127.0.0.2-127.0.0.6 for the SBL+XBL)
in your SIMS IP address blacklist.
What are others using for this?
I use the Spamhaus list, a list of Korean ranges documented at
http://korea.services.net/ and a list described at
http://www.sectoor.de/tor.php that lists TOR nodes that allow
spamming use. I also use a very severe local blacklist implemented as
a DNSBL because it is far too large for the SIMS blacklist and
because it is helping my glacially slow migration off of SIMS.
What lists you use has to be dependent on your own specific needs.
The Korean and TOR lists might not be suitable for you. If you deal
with hardcore spammers or people who have zombied machines, even the
SBL+XBL list might be problematic, and if you have Windows users
submitting outbound mail directly to you, you probably will want to
protect them from SBL+XBL checks by having them use authentication or
adding their IP's to the client list.
--
Bill Cole
[EMAIL PROTECTED]
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[email protected]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
