email blacklists ( MAPS, ect... )

XOR != OR

[H]F Junkie
Joined
Jun 17, 2003
Messages
11,547
So I have my qmail installation at home, virus protection and spam prevention built into the server. But what I'd really like to do is block the connection itself, and for that I would need a rbl of some sort.

My question is two fold:

1) Do all rbl works the same? I know MAPS does it simply using dns queries, specially formulated. Is this common? It would seem the best and simplest way of doing it, but is it the way most rbl do it?

2) Can anybody recommend a good rbl that they use or have used?
 
Originally posted by XOR != OR
1) Do all rbl works the same? I know MAPS does it simply using dns queries, specially formulated. Is this common? It would seem the best and simplest way of doing it, but is it the way most rbl do it?

Pretty much. Common name is "dnsbl"--DNS BlackList. Basically it's an isolated DNS server that just contains listings of blacklisted machines. If a DNS lookup via that server succeeds, the host is rejected (and usually receives an appropriate rejection notice).


2) Can anybody recommend a good rbl that they use or have used?

I currently use SpamHaus and Open Relay DataBase. SpamHaus tracks actual spammers; ORDB tracks hosts where clumsy admins are running open relays. If you're running a mailserver yourself, ORDB can actually scan it for free to test if it's running an open relay.

SpamHaus and other spammer blacklist services have recently been under attack by--you guessed it--spammers. Mainly the attacks consist of DDoS attacks and frivolous lawsuits (SpamHaus can tell you all about frivolous lawsuits). A lot of these services are nonprofit and can't withstand that sort of treatment, so many have no choice but to roll over and die. :(

Outside of DNSBLs, you might also try content-based spam filters, like spamassassin or a Bayesian filter. They're not quite perfect (they might raise a few false alarms), but some come pretty close.
 
The SpamCop list works very well, and has low collateral damage.
 
Originally posted by Kelledin
I currently use SpamHaus and Open Relay DataBase. SpamHaus tracks actual spammers; ORDB tracks hosts where clumsy admins are running open relays. If you're running a mailserver yourself, ORDB can actually scan it for free to test if it's running an open relay.
Ah, thank you. Good to know.
SpamHaus and other spammer blacklist services have recently been under attack by--you guessed it--spammers. Mainly the attacks consist of DDoS attacks and frivolous lawsuits (SpamHaus can tell you all about frivolous lawsuits). A lot of these services are nonprofit and can't withstand that sort of treatment, so many have no choice but to roll over and die. :(
I've been keeping an eye on this, and it saddens me to see it. I would donate if I could find a list that I liked. :)
Outside of DNSBLs, you might also try content-based spam filters, like spamassassin or a Bayesian filter. They're not quite perfect (they might raise a few false alarms), but some come pretty close.
Yeah, that's my setup right now. qmail with qmail-scanner+clamscan+spamassassin. qmail-scanner itself checks message integrity ( broken headers, disallowed characters in mime-type, ect... ), clamscan scans for viruses and such, where as spamassassin does the obvious.

I'm really happy with the setup, the only problem I have is I still get my bandwidth wasted. :( So with a dnsbl I would hope to drop the connection before anything transfered.
 
Back
Top