what i am asking is how to you manage actual IPs of the hosts providing services. What if at some point one of them or more are out of service? D you monitor it so in case some stop providing the services you remove them or replace them?
Does send mail provide similar functionality to postscreen? If i understand it correctly this feature allows to stop email from being delivered before it gets through MTA. So spam assassin does same filtering but it requires more processing? thx > On Dec 4, 2017, at 4:30 PM, Reindl Harald <[email protected]> wrote: > > > > Am 04.12.2017 um 23:17 schrieb Junk: >> So I wonder if >> postscreen_dnsbl is enabled is it possible that mail get lost by mistake? >> Somehow some false positive? >> How do you maintain the list? > > the whole point is that you don't need to babysit the list because you have > not that thrustworth lists with low scores but reject if enough other RBL's > at the same time agree > > you have a combination of blacklists and whitelists, see the whitelists at > the end with negative score and when the summary is > "postscreen_dnsbl_threshold" or higher the message is rejected > __________________________ > > the first 3 with the poision pill score 8 or higher are with names > > * dul.dnsbl.sorbs.net > * noserver.dnsbl.sorbs.net > * pbl.spamhaus.org > > these are normally deadly safe "reject it" but even that ones are guided by > the whitelists and so it typically needs at least one additional RBL to get > above 8 > > the 127.0.0.x stuff are the responses from the DNSBL/DNSWL server so that > postscreen only needs to ask "dnsbl.sorbs.net" once and probably get more > than one ip back, each ip response has it's score and so wehn you get back > "127.0.0.10" *and* "127.0.0.14" it's listed on both (dul/noserver) and get 17 > points plus the responses from other lists minus whitelist responses and the > final number makes the decision > > well, and with a caching nameserver spamassassin can re-use the cached > responses > > postscreen_dnsbl_threshold = 8 > postscreen_dnsbl_action = enforce > postscreen_greet_action = enforce > postscreen_dnsbl_sites = > dnsbl.sorbs.net=127.0.0.10*9 > dnsbl.sorbs.net=127.0.0.14*9 > zen.spamhaus.org=127.0.0.[10;11]*8 > dnsbl.sorbs.net=127.0.0.5*7 > zen.spamhaus.org=127.0.0.[4..7]*7 > b.barracudacentral.org=127.0.0.2*7 > zen.spamhaus.org=127.0.0.3*7 > dnsbl.inps.de=127.0.0.2*7 > hostkarma.junkemailfilter.com=127.0.0.2*4 > dnsbl.sorbs.net=127.0.0.7*4 > bl.spamcop.net=127.0.0.2*4 > bl.spameatingmonkey.net=127.0.0.[2;3]*4 > dnsrbl.swinog.ch=127.0.0.3*4 > ix.dnsbl.manitu.net=127.0.0.2*4 > psbl.surriel.com=127.0.0.2*4 > bl.mailspike.net=127.0.0.[10;11;12]*4 > bl.mailspike.net=127.0.0.2*4 > zen.spamhaus.org=127.0.0.2*3 > score.senderscore.com=127.0.4.[0..20]*3 > bl.spamcannibal.org=127.0.0.2*3 > dnsbl.sorbs.net=127.0.0.6*3 > dnsbl.sorbs.net=127.0.0.8*2 > hostkarma.junkemailfilter.com=127.0.0.4*2 > dnsbl.sorbs.net=127.0.0.9*2 > dnsbl-1.uceprotect.net=127.0.0.2*2 > all.spamrats.com=127.0.0.38*2 > bl.nszones.com=127.0.0.[2;3]*1 > dnsbl-2.uceprotect.net=127.0.0.2*1 > dnsbl.sorbs.net=127.0.0.2*1 > dnsbl.sorbs.net=127.0.0.4*1 > score.senderscore.com=127.0.4.[0..69]*1 > dnsbl.sorbs.net=127.0.0.3*1 > hostkarma.junkemailfilter.com=127.0.1.2*1 > dnsbl.sorbs.net=127.0.0.15*1 > ips.backscatterer.org=127.0.0.2*1 > bl.nszones.com=127.0.0.5*-1 > score.senderscore.com=127.0.4.[90..100]*-1 > wl.mailspike.net=127.0.0.[18;19;20]*-2 > hostkarma.junkemailfilter.com=127.0.0.1*-2 > ips.whitelisted.org=127.0.0.2*-2 > list.dnswl.org=127.0.[0..255].0*-2 > dnswl.inps.de=127.0.[0;1].[2..10]*-2 > list.dnswl.org=127.0.[0..255].1*-3 > list.dnswl.org=127.0.[0..255].2*-4 > list.dnswl.org=127.0.[0..255].3*-5
