On 15/05/06, Simon Lyall
> On Mon, 15 May 2006, Alastair Johnson wrote:
> > Isn't this precisely why spamcop suggest not to bounce email on the basis of the bl.spamcop.net list, and instead use it to tag/mark/score email?
>
> Yep. I am continuously amazed by the number of large mail sites that automatically block all email from IPs with a RBL listing.

I found SBL+XBL was fine to do that with while spamcop, SORBS*, etc. caused too many falses, so only got used for scoring. If you're even more conservative than I am, you can only use the Spamhaus DROP list. SBL+XBL used to reject a quite frightening ~60% of mail without causing any issues.

> If it is a work mail server then I would make sure that your management have signed off on the policy and that the potential downsides were explained to them (and you have a paper trail to prove it).

Definitely, and run and check it in test mode for a month (postfix has warn_if_reject, I think you can add X- headers on Exim) before you start rejecting. I'd add -

1. keep an eye on announcements for the RBL. We all remember what happened when a certain list closed down by returning hits for 0/0, don't we?
2. make sure your DNS servers are up to it, and that the system deals with timeouts gracefully, i.e. mail doesn't back up if you can't talk to the RBL.
3. if you absolutely, positively need mail from somewhere, whitelist it.

cheers,
Jamie

[*] - depending on which zones you use

--
Jamie Riden / jamesr(a)europe.com / jamie.riden(a)computer.org
NZ Honeynet project - http://www.nz-honeynet.org/
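
The checks discussed in this thread, sketched as an added example that is not code from any poster: test mode before rejecting, failing open on DNS trouble, ignoring a list that starts answering for every address, and whitelisting first. It is IPv4 only; the zone names, whitelist range and DNS answers are constructed, and the list-everything test relies on the RFC 5782 rule that 127.0.0.1 must never be listed.

```python
import ipaddress
import socket

WHITELIST = [ipaddress.ip_network("192.0.2.0/24")]  # constructed: senders you must receive from

def os_resolve(name):
    """A lookup via the OS resolver: [] if not listed, TimeoutError if DNS is failing."""
    try:
        return [i[4][0] for i in socket.getaddrinfo(name, None, socket.AF_INET)]
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_AGAIN:  # temporary failure or timeout
            raise TimeoutError(name) from exc
        return []  # NXDOMAIN or no data: not listed

def zone_hit(ip, zone, resolve):
    """True or False for listed / not listed; None when the zone cannot be trusted."""
    rev = ".".join(reversed(ip.split(".")))  # 203.0.113.9 -> 9.113.0.203
    try:
        if resolve(f"1.0.0.127.{zone}"):  # RFC 5782: 127.0.0.1 must never be listed,
            return None                   # so a hit means the zone lists everything
        return bool(resolve(f"{rev}.{zone}"))
    except TimeoutError:
        return None  # cannot reach the list: fail open rather than back mail up

def decide(ip, zones, resolve=os_resolve, enforce=False):
    """Return (action, hits, skipped); action is 'accept', 'warn' or 'reject'."""
    if any(ipaddress.ip_address(ip) in net for net in WHITELIST):
        return "accept", [], []  # whitelist wins before any lookup
    results = {zone: zone_hit(ip, zone, resolve) for zone in zones}
    hits = [z for z, r in results.items() if r is True]
    skipped = [z for z, r in results.items() if r is None]
    if not hits:
        return "accept", hits, skipped
    return ("reject" if enforce else "warn"), hits, skipped  # warn = test mode

# Constructed DNS data: one healthy zone, one unreachable, one listing everything.
FAKE_DNS = {"9.113.0.203.good.dnsbl.example": ["127.0.0.2"],
            "9.113.0.203.wild.dnsbl.example": ["127.0.0.2"],
            "1.0.0.127.wild.dnsbl.example": ["127.0.0.2"]}

def fake_resolve(name):
    if name.endswith(".dead.dnsbl.example"):
        raise TimeoutError(name)
    return FAKE_DNS.get(name, [])

ZONES = ["good.dnsbl.example", "dead.dnsbl.example", "wild.dnsbl.example"]

if __name__ == "__main__":
    for ip in ("203.0.113.9", "198.51.100.7", "192.0.2.25"):
        print(ip, decide(ip, ZONES, fake_resolve))
```

With `enforce=False` a listed sender is only reported as `warn`, which is the month of test mode; the `skipped` list is what to watch for a list that has gone away or a resolver that is struggling.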