pinkie pie

mendel


Rich Lafferty's Journal

(mendelicious mendelusions)


Previous Entry Share Next Entry
Choosing RBLs
thinking, perplexed
mendel
Antispam-type people, I want your opinions on RBLs. I've given up on Bayesian filtering companywide, and content-only filtering just doesn't cut it anymore, but I want to avoid putting RBL blocking or tagging in place that I'm going to regret.

Basically I'm after low false positives and negatives, with an emphasis on low false positives for the blocking ones and a balance between both errors on the tagging ones; it's also critical that all of the BLs are based on mechanical or fixed criteria (and not on opinions).

The mailserver in question is the corporate mailhub; any mail coming into the company comes in through there, so the variety of content is pretty wide. Load is about 8-10k messages per hour, about 15% of which are deliverable.

The plan is:

  • Disable Bayesian filtering outright
  • Block outright on sbl-xml.spamhaus.org, bl.spamcop.net, list.dsbl.net, spam.dnsbl.sorbs.net
  • Give big spamassassin penalty to dnsbl.sorbs.net, dsn.rfc-ignorant.org, ipwhois.rfc-ignorant.org, maybe njabl.net
  • Handle the DNS bits via zone transfers wherever possible, instead of individual requests

Thoughts on those RBLs, or on moving from primarily content/bayes to primarily RBL-based spam handling?


  • 1
Just stay the fuck away from the pigfuckers at SPEWS

Is "pigfucker" an industry term?

It's a term of the art, yes. ;)

RBLs that work for me:

Composite Blocking List
cbl.abuseat.org

Distributed Server Boycott List
list.dsbl.org

Easynet/NJABL Dynablock
dynablock.njabl.org

Not Just Another Bogus List
dnsbl.njabl.org

Spamcop
bl.spamcop.net

SpamHaus SBL
sbl.spamhaus.org

RBLs that are so erroneous as to be utterly worthless:

All of the ones from mailpolice.com

  • 1
?

Log in

No account? Create an account