| Featured Product |
|
Antivirus for your email server! Virus & content check mail with 5 virus scanning engines. Free 30 day trial available!
  
|
|
Optimized RBL's, Spam Blacklist
Tuesday, June 29, 2004
Author: Richard S. Westmoreland
Permalink: 20040629005840948
|
Anti-Spam
|
|
RBL stands for Realtime Blacklist, Realtime Block List, or Realtime Blackhole List. Many administrator's stay away from RBL's because of their potential of blocking legitimate email, but if you are familiar with the right ones to use, you can almost eliminate the false-positive rate.
The Magic RBL list:
sbl-xbl.spamhaus.org 127.0.0.2
sbl-xbl.spamhaus.org 127.0.0.4
sbl-xbl.spamhaus.org 127.0.0.6
bl.spamcop.net 127.0.0.2
These seem to be the silver bullets. On some spam filters you can just add the rbl without the return IP.
Additionally I use:
blackholes.mail-abuse.org 127.0.0.2
dialups.mail-abuse.org 127.0.0.3
block.rhs.mailpolice.com 127.0.0.2
zombie.dnsbl.sorbs.net 127.0.0.2
dul.dnsbl.sorbs.net 127.0.0.2
dynamic.rhs.mailpolice.com 127.0.0.2
fraud.rhs.mailpolice.com 127.0.0.2
But since Spamhaus began offering the XBL lookup, the second set of RBLs have not been returning anything.
The trick is to not use an RBL that relies on an Open Relay database. Spamhaus only lists verified spammers in their SBL, and proxies/dialups, etc. (sources that should not be sending email) in their XBL. Spamcop does list some open relays but only if they've already been compromised by spammers.
By using these RBLs at the email gateway, you can stop a huge chunk of spam from ever getting to your network - saving precious bandwidth and reducing processing time for content based filters.
|
|
|
