Am 28.03.2016 um 20:57 schrieb RW:
On Mon, 28 Mar 2016 19:43:10 +0200 Reindl Harald wrote:Am 28.03.2016 um 19:29 schrieb Alex:We're seeing an increasing number of quarantined mail resulting from compromised desktops being listed in RCVD_IN_SBLXBL. This in turn leads to an increase in the number of calls to the helpdesk with "where's my mail". This is typically the first Received header in the email, so not something that is being rejected at the SMTP level. Is there some way to reject this mail at the SMTP level before it's accepted, or something spamassassin/amavis can do after it's received to notify the sender, without it becoming a backscatter issue to make my job easier? I'm already using postscreen with zen to block at the SMTP levelwe disabled all builtin DNSBL tests (except mailspike) from the very beginning and feeding postscreen and spamassassin from the same database with adopted scoresThe question was about deep hits on XBL and SBL that don't hit the last-external zen lookup. Rejecting on deep XBL hits would be risky because they can be on dynamic IP addresses that have been reassigned
you know my strong opinion against any deep-header-tests it's also solved by doing what i said above
signature.asc
Description: OpenPGP digital signature
