[TAG] Using DNS blacklists to reject mail.

[Joey Prestia]

Hi all,

I am wanting to gather some information about using DNSBL on mail
servers. I have been reading the information on most of the more popular
used blacklists like Spamcop and Spamhaus. Now I have come up with all
kinds of questions on the subject.

I would like to hear from any mail server administrators of their
experiences with these methods of rejecting spam at the "gate". It
seems apparent that one must gage what type of spam and what type of
lists to use very carefully because of the possibility of refusing valid
mail?

Is the implementation of using a DNSBL definitely something mail server
administrators should consider?

Is it common practice to use spamassassin and DNSBL together to reduce
bombardment of spam?

Although I have been using spamassassin for some time and see that it
does a very good job of filtering and correctly labeling mail. Also the
majority seems it could be prevented altogether by implementing the
correct DNSBL or DNSBL's at the mail server level as I can see by
spamassassin headers.

One thing I have heard is that it is not a good practice to put into
effect something like this because many bigger institutions can and
periodically do get put on blacklists, through no fault of their own.
One example I have seen:
http://www.stanford.edu/services/email/antispam/blacklist.html is this
an accurate representation of some of the possible effects of this being
put into practice?

Any recommendations as to suggested best practices in using these
measures?

Thanks,

-- 
Joey Prestia
L. G. Mirror Coordinator
http://linuxamd.com
Main Site http://linuxgazette.net