On 14.10.2020 09:43, Johann Beretta wrote:
>> Is there a way to create or use existing a kind of RBL list but with
>> email addresses like:
>>
>>
spam...@gmail.com
>>
spam...@yahoo.com
>>
>
> Practically? No.
>
I mean the list already exists and can be used if you use exim.
I try to find similar mechanism for postfix.
> I'm gathering you want people to be able to add email addresses to this
> "master list", yes?
Not exactly and not random people.
> What's to stop me from dumping several billion randomly generated email
> addresses into it?
You probably would not be able to add any address to this list.
> What's to stop anyone from doing that? How do you prevent someone from
> dumping legit email addresses, into your system, that were forged an
> associated with spam. Nobody can know all the "legit" email addresses
> out there.
Polish lists are maintained by MTA administrators and not random people.
You can't be a Joe from the street. They select and pick people
themselves. You can't apply to be a member. I tried myself but I did not
have any anti spam related history, I don't run a blog or whatever so
they did not want to talk to me too much. They offer a membership to
people they know and every such a member, as they write, add their
spammers to the common database. I could also be a member but they don't
want me yet :-) I have some incoming spams and I could feed the database
also.
This is probably due to your concerns but what I can tell you
polspam.pl
works great here in Poland. When I added it's RBLs to the Postfix I
noticed 99% reduction of spam instantly.
Polspam.pl also uses collateral banning, not only the spamming domain
but also a hostname. The domain goes to the rhsbl (domains) but
hostnam's IP goes to the bl (IP addresses). This is extremely effective
since spammers use foreign providers and MTA administrator has two lists
(even more) to chose from.
Please read here:
https://polspam.pl/dlst.php
I am a very big fan of such initiatives.
> Filtering based on email address is less than pointless. Email addresses
> are infinitely forgeable. Domain filtering would be better than that,
> and still practically pointless.
Yes they are forgeable but there are more and more spammers who realized
that creating some Gmail accounts may prevent RBL from listing the whole
Gmail. You can always check SPF, DKIM and DMARC of google and at the end
you could check blaclist with emails if the Gmail is a legit sender.
Postfix lacks such functionality, one or two simple commands to analyze
proper headers, not only domains...
Please read the second topic, I described it.