[TAG] Using DNS blacklists to reject mail.

René Pfeiffer lynx at luchs.at
Mon Sep 22 11:23:52 MSD 2008


On Sep 21, 2008 at 0756 -0700, Joey Prestia appeared and said:
> Michael Makuch wrote:
> 
> > Initially I used a long list of DNSBLs including spamhaus, abuseat,
> > njabl, blitzed, dsbl, ordb, JAMMConsulting and uceprotect. But over
> > time I have shortened that list and I currently only use
> > zen.spamhaus.org.
> > 
> > I recommend DNSBL. I wish that many more ISPs would use DNSBLs as I
> > think they would work even better.
> 
> So using multiple DNSBLs together is relatively safe. [...]

I have been doing this for years now, and it works very well.

> [...]
> Although I would think that perhaps the priority of the lines in the
> configuration of sendmail could be arranged so as to allow users that
> authenticate to bypass any ruleset?

It should be possible. It's easy in Postfix, you just put the SMTP AUTH
check before the DNSBLs and you're done. Another way is to use the
proper ports for SMTP clients (which is not port 25/TCP :) and bypass
the DNSBLs this way.

Best,
René.
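
The two Postfix approaches mentioned in the message above, written out as a configuration sketch. This is an added example, not part of the original post: the file paths are the usual defaults, the submission service on port 587 is assumed to be the "proper port" meant, and zen.spamhaus.org is the list named in the thread.

```conf
# /etc/postfix/main.cf  (assumed default path)
# Restrictions in a list are evaluated in order; the first one that
# returns permit or reject ends the evaluation.

# Order that rejects authenticated users whose client IP is listed
# (for example a roaming user on a dynamic address), because the
# DNSBL lookup is reached before the SASL check:
#smtpd_recipient_restrictions =
#    permit_mynetworks,
#    reject_unauth_destination,
#    reject_rbl_client zen.spamhaus.org,
#    permit_sasl_authenticated

# Order that accepts authenticated users before the DNSBL is consulted:
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_rbl_client zen.spamhaus.org

# /etc/postfix/master.cf  (assumed default path)
# Alternative: a separate submission service (port 587) for mail clients.
# It requires TLS and authentication and overrides the recipient
# restrictions above, so no DNSBL lookup happens for these sessions.
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
```

With the submission service in place, port 25 can stay limited to server-to-server mail with the DNSBL check applied, while mail clients authenticate on port 587.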
