[Mimedefang] RE: MIMEDefang digest, Vol 1 #254 - 14 msgs

Troy Carpenter troy at carpenter.cx
Tue Jul 23 12:08:00 EDT 2002 

Sidney,

In my filter_recipient, I check the following RBLs:
 relays.ordb.org
 list.dsbl.org
 relays.osirusoft.com
 bl.spamcop.net

As I watch my logs (using logwatch and modified sendmail script to count
hits on the blacklists), list.dsbl.org is hit the least, spamcop and
relays.osirusoft are hit the most.  My filter rejects on the first hit
on a list (checked in the order listed above), so I don't know the
overlap frequency, but I do know that my logs show each list has been
hit, possibly indicating good mutually exclusive listings. None of these
lists have ever rejected "good" email.

I used to check blackholes.five-ten-sg.com and multihop.dsbl.org as
well, but those two list produced too many false positive rejects.

I have not tried SpamHaus or SPEWS so I have no data or comment on those
lists.

I posted my filter_recipient routine in an earlier message, and have
since added bl.spamcop.net and tried five-ten-sg.  I use
filter_recipient (as opposed to sendmail or the other Mimedefang
routines) because it is passed all the important info I use to determine
a reject: relay, sender and recipient. For instance, if an email is sent
to "postmaster at carpenter.cx", I always accept it and skip all checks. I
might also accept email from certain senders regardless of the relay...I
don't think the sendmail bouncing allows you to make those kinds of
exceptions.

Troy Carpenter
troy at carpenter.cx

-----Original Message-----
From: "Sidney Markowitz" <sidney at sidney.com>
To: <mimedefang at lists.roaringpenguin.com>
Subject: Re: [Mimedefang] First two headers not written to INPUTMSG
Date: Tue, 23 Jul 2002 08:05:26 -0700
Reply-To: mimedefang at lists.roaringpenguin.com

David F. Skoll <dfs at roaringpenguin.com>
> Frankly, I don't see much value in RBL's.

I wanted to add the test so I can see just how effective it is. The main
thing I want to do with it is see if the more conservative RBLs such as
SpamHaus, SPEWS, and the confirmed open relay list seem to be, are
definite enough spam indicators that I can start just bouncing based on
them. This is for my home system so I can choose to do that, where that
might not be true if I were an ISP or a sysadmin for a company.

Once I can see how often and in which cases the RBL rule matches, I
might just decide to enable DNSRBL bouncing for only those RBL lists in
my sendmail.

More information about the MIMEDefang mailing list