Antispam-type people, I want your opinions on RBLs. I’ve given up on
Bayesian filtering companywide, and content-only filtering just doesn’t
cut it anymore, but I want to avoid putting RBL blocking or tagging in
place that I’m going to regret.
Basically I’m after low false positives and negatives, with an emphasis
on low false positives for the blocking ones and a balance between both
errors on the tagging ones; it’s also critical that all of the BLs are
based on mechanical or fixed criteria (and not on opinions).
The mailserver in question is the corporate mailhub; any mail coming
into the company comes in through there, so the variety of content is
pretty wide. Load is about 8-10k messages per hour, about 15% of which
are deliverable.
The plan is:
- Disable Bayesian filtering outright
- Block outright on sbl-xml.spamhaus.org, bl.spamcop.net,
list.dsbl.net, spam.dnsbl.sorbs.net - Give big spamassassin penalty to dnsbl.sorbs.net,
dsn.rfc-ignorant.org, ipwhois.rfc-ignorant.org, maybe njabl.net - Handle the DNS bits via zone transfers wherever possible,
instead of individual requests
Thoughts on those RBLs, or on moving from primarily content/bayes
to primarily RBL-based spam handling?
4 responses to “Choosing RBLs”
Just stay the fuck away from the pigfuckers at SPEWS
Is “pigfucker” an industry term?
It’s a term of the art, yes. ;)
RBLs that work for me:
Composite Blocking List
cbl.abuseat.org
Distributed Server Boycott List
list.dsbl.org
Easynet/NJABL Dynablock
dynablock.njabl.org
Not Just Another Bogus List
dnsbl.njabl.org
Spamcop
bl.spamcop.net
SpamHaus SBL
sbl.spamhaus.org
RBLs that are so erroneous as to be utterly worthless:
All of the ones from mailpolice.com