[Mimedefang] Selecting which RBLs to check mail against.
Kelson Vibber
kelson at speed.net
Wed May 14 13:07:00 EDT 2003
"Martin Ferguson" <martin at mve.com> wrote:
>I've been running mimedefang and spamassassin for a few months now
<snip>
>How do I select specific RBLs to check my mail against?
Since you're already running SpamAssassin, let me suggest what I've done:
Set up your filter to log the list of tests for each message, then wait for
a week or two to collect logs. Then go through the logs looking for which
RCVD_IN_ tests were triggered the most, and focus on those. (Don't forget
that Bonded Sender is a whitelist!) Then see which ones have lots of false
positives (assuming you can recognize most spam by subject and most clients
by sender address), and either disable or lower the scores on those in your
SA config. If you find some that have no or very few false positives, you
can consider using them at the Sendmail level. grep is very useful here,
although I've found importing the log file to a spreadsheet helps also.
It sounds like you've already got an idea of a few lists that are
problematic for your case (RFC-Ignorant, relays.osirusoft.com).
The other route you can take is to educate your clients. Let them know
their relays are insecure, let them know their server is violating the
RFCs, let them know where they are listed, and that it's in their best
interest to fix the problems, and they'll get off of those lists. AFAIK,
neither of the two lists you mentioned adds anyone based on geographical
location (although Osirusoft does sometimes seem overzealous).
Kelson Vibber
SpeedGate Communications <www.speed.net>
More information about the MIMEDefang
mailing list