Postscreen RBLs

Nikolaos Milas

Feb 11, 2013, 11:13:59 AM
Hello,

I am using Postfix 2.9.4 on CentOS 6.3 as a gateway server with the
following postscreen settings:

postscreen_dnsbl_threshold = 2
postscreen_dnsbl_sites =
    b.barracudacentral.org*2,
    zen.spamhaus.org*2,
    psbl.surriel.com*2
postscreen_dnsbl_action = enforce
postscreen_greet_action = enforce

Sometimes I receive complaints from some mail server operators that
barracudacentral causes blocks of mail from their server, and "Very few
email providers use Barracuda for their RBL's, so it is not an RBL we
check very often or rely on".

I remember that, when I had set up this gateway server, I had researched
and found that barracudacentral should be OK.

My questions now are:

* Based on your experience and advice, should I keep the above
postscreen settings? Any suggestions?
* Should I avoid postscreen_dnsbl_sites and only use amavis to make
decisions through scoring? How are you implementing such blocks?

Thanks in advance,
Nick

Reindl Harald

Feb 11, 2013, 11:19:56 AM

On 11.02.2013 17:13, Nikolaos Milas wrote:
> Sometimes I receive complaints from some mail server operators that barracudacentral causes blocks of mail from
> their server, and "Very few email providers use Barracuda for their RBL's, so it is not an RBL we check very often
> or rely on"

explain to them that https://www.barracudanetworks.com/products/spamandvirusfirewall
is using it for sure and there are enough big companies using appliances
from barracuda networks

Rod K

Feb 11, 2013, 11:25:41 AM

On 2/11/2013 11:13 AM, Nikolaos Milas wrote:
> Hello,
>
> I am using Postfix 2.9.4 on CentOS 6.3 as a gateway server with the
> following postscreen settings:
>
> postscreen_dnsbl_threshold = 2
> postscreen_dnsbl_sites =
>     b.barracudacentral.org*2,
>     zen.spamhaus.org*2,
>     psbl.surriel.com*2
> postscreen_dnsbl_action = enforce
> postscreen_greet_action = enforce
>
> Sometimes I receive complaints from some mail server operators that
> barracudacentral causes blocks of mail from their server, and "Very
> few email providers use Barracuda for their RBL's, so it is not an RBL
> we check very often or rely on".
>
> I remember that, when I had set up this gateway server, I had
> researched and found that barracudacentral should be OK.
>
> My questions now are:
>
> * Based on your experience and advice, should I keep the above
> postscreen settings? Any suggestions?
> * Should I avoid postscreen_dnsbl_sites and only use amavis to make
> decisions through scoring? How are you implementing such blocks?
>
> Thanks in advance,
> Nick
>
>
>
Barracuda and Spamhaus are the only RBLs that I use that can block by
themselves. All others require at least one corroborating RBL. I've not
run into any issues. I'd suggest that if their response is what you
quoted they need to be more concerned about why they are being listed
than telling others not to use them. Of course, that tells me they
probably already know why they are listed and choose not to correct the
behavior that caused the listing.

Noel Jones

Feb 11, 2013, 11:47:56 AM

On 2/11/2013 10:13 AM, Nikolaos Milas wrote:
> Hello,
>
> I am using Postfix 2.9.4 on CentOS 6.3 as a gateway server with the
> following postscreen settings:
>
> postscreen_dnsbl_threshold = 2
> postscreen_dnsbl_sites =
>     b.barracudacentral.org*2,
>     zen.spamhaus.org*2,
>     psbl.surriel.com*2
> postscreen_dnsbl_action = enforce
> postscreen_greet_action = enforce
>
> Sometimes I receive complaints from some mail server operators that
> barracudacentral causes blocks of mail from their server, and "Very
> few email providers use Barracuda for their RBL's, so it is not an
> RBL we check very often or rely on".
>
> I remember that, when I had set up this gateway server, I had
> researched and found that barracudacentral should be OK.
>
> My questions now are:
>
> * Based on your experience and advice, should I keep the above
> postscreen settings? Any suggestions?

There is no one-size-fits-all, so do what fits at your site. What
some folks do is weigh barracuda*1 and a few other dnsbl's such as
bl.spamcop.net, bl.spameatingmonkey.net, fresh.spameatingmonkey.net,
hostkarma.junkemailfilter.com=127.0.0.2, or ix.dnsbl.manitu.net, all
scored at one. That way multiple less-trusted dnsbl's must list a
site to reject their mail.

Opinions on which dnsbls are safe to block on their own vary
greatly. Adjust the postscreen scores as you see fit.



> * Should I avoid postscreen_dnsbl_sites and only use amavis to make
> decisions through scoring? How are you implementing such blocks?

Use the scoring built into postscreen. You may occasionally need to
use the whitelisting built into postscreen, too.


>
> Thanks in advance,
> Nick




-- Noel Jones
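
Added example, not part of the original thread: a small Python model of the weighted postscreen DNSBL scoring discussed above, comparing the configuration from the original post with a constructed variant in which Barracuda and other lists are scored at one. Keeping zen.spamhaus.org at weight 2, the sample DNSBL answers and all function names are assumptions, and only exact-address reply filters are handled.

```python
import re

# One entry of postscreen_dnsbl_sites: domain[=reply-filter][*weight]
ENTRY = re.compile(
    r"^(?P<domain>[^=*\s]+)(?:=(?P<filter>[^*\s]+))?(?:\*(?P<weight>-?\d+))?$")

def parse_sites(value):
    """Parse a postscreen_dnsbl_sites value into (domain, filter, weight) tuples."""
    sites = []
    for item in re.split(r"[,\s]+", value.strip()):
        if not item:
            continue
        m = ENTRY.match(item)
        if m is None:
            raise ValueError(f"unparseable entry: {item!r}")
        # A missing weight counts as 1.
        sites.append((m["domain"], m["filter"], int(m["weight"] or 1)))
    return sites

def score(sites, replies):
    """Sum the weights of the entries that list the client.

    replies maps DNSBL domain -> A record returned for the client
    (absent = not listed). Only exact-address filters are handled here;
    pattern filters such as 127.0.0.[2;4] are outside this sketch.
    """
    total = 0
    for domain, flt, weight in sites:
        reply = replies.get(domain)
        if reply is not None and (flt is None or flt == reply):
            total += weight
    return total

def blocked(sites, replies, threshold=2):
    """True when the score reaches postscreen_dnsbl_threshold."""
    return score(sites, replies) >= threshold

# Configuration from the original post.
ORIGINAL = "b.barracudacentral.org*2, zen.spamhaus.org*2, psbl.surriel.com*2"
# Constructed variant following the reply; zen at 2 is an assumption.
WEIGHTED = """zen.spamhaus.org*2, b.barracudacentral.org*1, bl.spamcop.net*1,
    hostkarma.junkemailfilter.com=127.0.0.2*1, ix.dnsbl.manitu.net*1"""

# Constructed DNSBL answers for three hypothetical clients.
ONLY_BARRACUDA = {"b.barracudacentral.org": "127.0.0.2"}
TWO_LISTS = {"b.barracudacentral.org": "127.0.0.2", "bl.spamcop.net": "127.0.0.2"}
FILTER_MISS = {"b.barracudacentral.org": "127.0.0.2",
               "hostkarma.junkemailfilter.com": "127.0.0.1"}
```

With the original weights a Barracuda-only listing reaches the threshold of 2 on its own; with the weight-1 variant the same client scores 1 and is rejected only once a second list corroborates it.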

Nikolaos Milas

Feb 15, 2013, 9:27:03 AM

On 11/2/2013 6:47 PM, Noel Jones wrote:

>
> There is no one-size-fits-all, so do what fits at your site. What some
> folks do is weigh barracuda*1 and a few other dnsbl's such as
> bl.spamcop.net, bl.spameatingmonkey.net, fresh.spameatingmonkey.net,
> hostkarma.junkemailfilter.com=127.0.0.2, or ix.dnsbl.manitu.net, all
> scored at one. That way multiple less-trusted dnsbl's must list a site
> to reject their mail. Opinions on which dnsbls are safe to block on
> their own vary greatly. Adjust the postscreen scores as you see fit.
>

Thanks Noel, and everyone else for your feedback.

Nick
