[CentOS] Postfix and choice of RBL

Mon Jun 17 15:18:49 UTC 2019
mark <m.roth at 5-cent.us>

Bowie Bailey wrote:
> On 6/17/2019 6:20 AM, Nicolas Kovacs wrote:
>> I'm managing several mail servers running CentOS 7, Postfix and
>> Dovecot.
>> SpamAssassin is filtering mail nicely, but I'm considering using RBL
>> (blacklists) to take some load off the servers.
>> General question to those of you who use RBL. Which lists do you
>> recommend using?
> The best free blacklist that I'm aware of is zen.spamhaus.org.  I've been
> using it as a blacklist on my server for years without any problems.
> More info: https://www.spamhaus.org/zen/
I have an issue with a lot of the blacklists - manitu, the one this list
uses. My issue is that IMO, the method they use to blacklist hasn't been
good for almost 20 years: instead of blocking a specific domain, they
blacklist the mailserver.

Now, in Days of Yore, when people were connected by modem to an ISP,
maybe. But most ISPs were devoured by large companies, such as my hosting
provider, Hostmonster. They have a few mailservers, which they loadbalance
with... and they host, I have personally been told, millions of domains.

The first time I ran into this, around 2000, I was unable to email a
friend in Canada, because they were blacklisting RoadRunner, which was the
ONLY WAY hundreds of thousands of folks in Chicago sent email, that having
eaten all the other ISPs.

Now, blocking my mailserver, which is a unifiedlayer somethingorother,
because a few of those burner domains that people buy, send spam, etc
from, and blow off, means I, and many others, are screwed.

Getting through to a hosting provider support to do something with the
blacklister means
a) proving I'm the account owner
b) telling them what's wrong, and
c) convincing the call taker that I really do know what I'm talking about,
and they do have to push it to tier 2 support, or
d) escalating to get a manager, who'll push it.

And like that's going to happen in an hour. Try a day or five.

This is why I dislike blacklists, the way they're currently run.