[Mimedefang] Using relay_is_blacklisted() or Sendmail dnsbl feature ?

Kayne Kruse Kayne at moranprinting.com
Tue Jul 1 13:36:01 EDT 2003


Well,

You would have to simply run it like this:  

sub filter_relay {

	my ( $ip, $name, $helo) = @_;
	if (relay_is_blacklisted($ip, 'sbl.spamcop.net')) {
		return('REJECT', 'You are listed in sbl.spamcop.net, see url=$ip for more details);
		}
}

You probably have no issue however, other than the remote RBL sometimes gets overloaded with requests and runs slow.   I always thought it was better to let sendmail handle dnsbl requests from the point of view of cpu cycles.  Sendmail probably can do this alot quicker, and I've seen in the past where you can trick the .mc to timeout on rbls and allow the message through for when some of them go down or become unavailble.  Mimedefang offers more flexibility to check relay ip's against a whitelist before checking rbl or vise versa and allows you to do more custom interfacing easier than dealing with .mc's via sendmail.  I just dont use rbl anymore since it effects our clients being able to deliver job files from marketing customers. :( But I have found that most of our spam comes from stuff that SA can tag and drop at about 7 points.  Some users have reported that that threshold is too low and is allowing some of the stuff through, but not enough to amount to 1/2 messages per day.  All in all I think I've found the point here over the last year or so and only revisit it once in a while, unless david changes the code so drastically that requires me to rewrite the rules, which has not happened to me yet.  

Kayne

-----Original Message-----
From: Ole Holm Nielsen [mailto:Ole.H.Nielsen at fysik.dtu.dk]
Sent: Tuesday, July 01, 2003 9:46 AM
To: mimedefang at lists.roaringpenguin.com
Subject: [Mimedefang] Using relay_is_blacklisted() or Sendmail dnsbl
feature ?


We're having a performance problem with Sendmail 8.12.8
running on a Red Hat Enterprise Linux ES 2.1 server.

Using Sendmail's DNS-blacklist feature,
    FEATURE(dnsbl,`bl.spamcop.net', ...
I'm invariably seeing delays of 30-90 seconds when delivering
messages, even when I use only a local dnsbl-server with
sub-second response.  The server is not loaded at all
(it's a 2.0 GHz Intel Xeon server).  I have no such problems
with a Redhat 9 server using the same dnsbl-servers, so I
wonder if anyone out there knows of Sendmail 8.12 problems on
Redhat ES2.1 (or the similar Redhat 7.2) ?

Anyway, I wanted to try to replace Sendmail's dnsbl lookups
with the corresponding mimedefang-filter function
relay_is_blacklisted().  However, I don't know where
it's appropriate to insert calls to relay_is_blacklisted()
in the default mimedefang-filter script.

Question: Can anyone explain the details of proper usage of
relay_is_blacklisted(), and perhaps shed light on Sendmail's
dnsbl lookup problems ?

Ole Holm Nielsen
Department of Physics
Technical University of Denmark

_______________________________________________
MIMEDefang mailing list
MIMEDefang at lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang




More information about the MIMEDefang mailing list