[wplug-internet] Mailserver DNSBL

Michael Semcheski mhsemcheski at gmail.com
Sun Aug 17 20:01:03 EDT 2008


To me, I don't see a huge problem with spam to WPLUG aliases.  The
only reason I can see not to put this into affect is that "if it isn't
broken, don't fix it."

However, the PBL is probably marginally more efficient than
greylisting.  If you want to enable it, I don't have a problem with
it.  But I'm not clamoring for it either.

On Sun, Aug 17, 2008 at 7:50 PM, Vance Kochenderfer <vkochend at nyx.net> wrote:
> A couple weeks ago, I enabled the pbl.spamhaus.org DNS blocklist on the
> mailserver <http://www.spamhaus.org/pbl/>.  It is active in warning mode
> which means that messages are not actually rejected, just logged when
> a hit against the PBL occurs.  Here are statistics since then:
>
> Date  Jul29 J30 Aug1  A2  A3  A4  A5  A6  A7  A8  A9 A10 A11 A12  A13 A14  A15
> Conn    787 701  556 439 464 585 710 887 739 687 393 439 473 878 1122 809 1101
> Accept  114  80   34  13  23  33  22  21  66  51  29  22  47  50   35  25   37
> PBL      48  40    5   6   7   8   5   4  21  14   9   4   7   6    6   3    7
>
> "Date" is, oddly enough, the date.  "Conn" is the number of outside
> connections made to the mail server.  "Accept" is messages accepted from
> outside for delivery (due to the methodology, this may undercount
> slightly).  "PBL" is the number of hits against the blocklist, and hence
> the number of messages that would have been rejected had the blocklist
> been in reject mode.
>
> As you can see, putting the blocklist into effect would only cut down on
> a few spam messages on the typical day, but some days would have a much
> larger effect.  As far as I can tell from the logs, none of the PBL hits
> were actually non-spam, so I'm satisfied that we aren't going to see
> false positives.
>
> Can anyone think of a reason not to put the PBL into reject mode?
> Please speak up!
>
> Vance Kochenderfer        |  "Get me out of these ropes and into a
> vkochend at nyx.net          |   good belt of Scotch"    -Nick Danger
> _______________________________________________
> wplug-internet mailing list
> wplug-internet at www.wplug.org
> http://www.wplug.org/mailman/listinfo/wplug-internet
>


More information about the wplug-internet mailing list