efa-project.org


https://forum.efa-project.org/

General RBL handling inside EFA

https://forum.efa-project.org/viewtopic.php?t=2067

Page 1 of 1

General RBL handling inside EFA

Posted: 23 Dec 2016 12:18
by ovizii
so I see that by default inside postfix/main.cf there is:

Code: Select all

smtpd_client_restrictions = permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org
and inside /etc/MailScanner/MailScanner.conf there is:

Code: Select all

Spam List = # spamhaus-ZEN # You can un-comment this to enable them
and inside spam.lists.conf I see:

Code: Select all

# http://barracudacentral.org/rbl
BARRACUDA                       b.barracudacentral.org

# aggregate list - http://www.sorbs.net/using.shtml
SORBS                           dnsbl.sorbs.net

# aggregate list - http://www.spamhaus.org/zen/
SPAMHAUS                        zen.spamhaus.org

# aggregate list - https://www.spamcop.net/bl.shtml
SPAMCOP                         bl.spamcop.net
For one its weird that spamhaus-ZEN != SPAMHAUS

would it not be better to remove it from main.cf and use the more complex Mailscanner options? Especially seeing that I can use:

Code: Select all

Spam Lists To Be Spam = 1
Spam Lists To Reach High Score = 3

Re: General RBL handling inside EFA

Posted: 31 Jan 2017 14:22
by ovizii
Anyone using RBLs? Which one of these two methods are you using?

Re: General RBL handling inside EFA

Posted: 01 Feb 2017 06:10
by iridium1191
Hi ovizii,

We've run postfix & mailscanner for a few years (but only recently in EFA) and were advised that that it's more efficient to leave RBL's to Postfix. If enough RBL's returned positive then Postfix could handle the message without passing it onto Mailscanner.

However we decided to disable the RBL checks in Postfix and consolidate all SPAM checks in mailscanner/spamassassin. This was mostly for statistics and to be able to run querys on RBL's from the database but also because many RBL's give false positives. A false positive in Spamassassin only influences the SPAM score and in the worst case sends the message to quarantine where we can examine, release, blacklist or whitelist it if necessary. As far as I know a false positive in Postfix (at least in earlier versions) leaves you with no email in quarantine to check (although I think Postfix now lets you weigh the results from different RBL's).

So we find it more convenient to manage SPAM checks, including RBL's in Mailscanner/Spamassassin and leave more basic checks like greylisting or protocol checks to Postfix.

Re: General RBL handling inside EFA

Posted: 01 Feb 2017 18:28
by ovizii
Thanks for the detailed answer, that all makes more sense to me now.

Re: General RBL handling inside EFA

Posted: 27 Apr 2017 04:40
by pdwalker
Useful information.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited