[BlueOnyx:13039] Re: Problem with dnsbl zen.spamhaus.org

Michael Stauber mstauber at blueonyx.it
Fri May 17 09:57:40 -05 2013 

Hi Joachim,

> I have set up a new Server BO 5108R with AV-Spam-Package from Solarspeed.
> 
> Then I have activated the dnsbl „zen.spamhaus.org“.
> 
> Now when a user wants to sent a mail the programm „thunderbird“ respond
> with
> 
> the error message „Relaying denied – IP is listed in zen.spamhaus.org“.

Ok, this is a bit of a misconception:

Yes, the AV-SPAM uses several blacklists - including several from
spamhaus.org. However, these RBL checks are just a contributing factor
to the SPAM score of SpamAssassin. Just being listed in one of the
blacklists alone usually doesn't provide enough scoring so that the mail
is blocked based on that single reason alone. At least not with the
default settings that the AV-SPAM initially has.

Now if you go and manually add RBL blacklists to Sendmail (either
manually or via the BlueOnyx GUI), then that is an entirely different
matter: In that case a single listing of that IP in any of the
blacklists used directly by Sendmail will cause a rejection.

In my opinion you should be careful to tie RBLs directly into Sendmail.
It can be beneficial, yes. But usage of some of these RBL's can be a bit
counter-productive as some of them paint with an awfully wide brush.

I find the score based RBL usage inside SpamAssassin a lot more
reasonable. If it's really SPAM, there will be other indicators in the
Email as well, which (with the aid of the higher base score due to the
RBL listing) will then surely mark SPAM as SPAM. While legitimate emails
from a poor sod that got blacklisted due to collateral damage will still
get through.

Furthermore SpamAssassin can (and in the case of the integration into
the AV-SPAM) also uses RBL blacklists to score URLs in the email body.
Which is also a pretty good thing to have.

As for using spamhaus.org RBL blacklists directly in Sendmail: I'd
recommend to restrict that to ROKSO, DROP, DBL and maybe XBL. But XBL is
already touch and go, as it contains data they harvested elsewhere, too.

-- 
With best regards

Michael Stauber

More information about the Blueonyx mailing list