Results 1 to 6 of 6

Thread: DNSBL/RBL Suggestions, getting started?

  1. #1
    czguy is offline Senior Member
    Join Date
    Jan 2014
    Posts
    69
    Rep Power
    1

    Default DNSBL/RBL Suggestions, getting started?

    I have a new ZCS 8.0.6 server up and running smoothly so far. I'd like to look into DNSBL/RBL as another layer to prevent Spam.

    Setup in 8.0.6 under Global Settings -> MTA seems easy enough.

    What are the rest of you checking under the three options?:

    Client IP address
    Hostname in Greeting
    Sender's Domain

    Also, what are some reliable DNSBL/RBL that are available for free or commercial use? I've used spamhaus and spamcop before with success years ago. Just wondering what others are using.

    Thanks for any tips or advice you can provide.

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,480
    Rep Power
    56

    Default

    Quote Originally Posted by czguy View Post
    IClient IP address
    Hostname in Greeting
    Sender's Domain
    None of those are set on my server, there are badly configured (genuine) mail servers that will get mail rejected by those settings.

    Quote Originally Posted by czguy View Post
    IAlso, what are some reliable DNSBL/RBL that are available for free or commercial use? I've used spamhaus and spamcop before with success years ago. Just wondering what others are using.
    The following RBLs are used on my server (in this order, yes it matters):

    Code:
    zen.spamhaus.org
    dnsbl.dronebl.org
    bl.spameatingmonkey.net
    psbl.surriel.com
    The Kill/Tag percentages are reduced slightly to 66/25 respectively. Anything you change should be monitored to check if it's working as expected.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    czguy is offline Senior Member
    Join Date
    Jan 2014
    Posts
    69
    Rep Power
    1

    Default

    Quote Originally Posted by phoenix View Post
    None of those are set on my server, there are badly configured (genuine) mail servers that will get mail rejected by those settings.
    Dually noted, I'll be sure to leave this unchecked.

    Quote Originally Posted by phoenix View Post
    The following RBLs are used on my server (in this order, yes it matters):

    Code:
    zen.spamhaus.org
    dnsbl.dronebl.org
    bl.spameatingmonkey.net
    psbl.surriel.com
    The Kill/Tag percentages are reduced slightly to 66/25 respectively. Anything you change should be monitored to check if it's working as expected.
    Thanks for the list. I noticed you have zen.spamhaus.org listed. Are you using it freely or did you end up signing up for the commercial service. We are a for-profit business so I think we may need to sign up for the paid service even though our queries won't exceed the free limits.

    I'll look into the others you've listed too. Probably just add one at a time. What log(s) should I be monitor to check for effectiveness with the RBL?

  4. #4
    czguy is offline Senior Member
    Join Date
    Jan 2014
    Posts
    69
    Rep Power
    1

    Default

    As a test I entered zen.spamhaus.org into the Global Settings -> MTA -> RBL and hit save.

    The MTA service restarted but when I check to see if it's listed in the config here's the output:

    Code:
    zimbra@mail:~$ zmprov gacf | grep zimbraMtaRestriction
    zimbraMtaRestriction: reject_non_fqdn_sender
    Should I not enter the RBL via the GUI/ZimbraAdmin? Is it better to follow this?: http://wiki.zimbra.com/wiki/Configur..._DNSBL_bounces
    Last edited by czguy; 01-12-2014 at 04:13 PM.

  5. #5
    babyporch is online now Active Member
    Join Date
    Jan 2009
    Location
    Palermo
    Posts
    43
    Rep Power
    6

    Default

    Quote Originally Posted by czguy View Post
    Dually noted, I'll be sure to leave this unchecked.

    Thanks for the list. I noticed you have zen.spamhaus.org listed. Are you using it freely or did you end up signing up for the commercial service. We are a for-profit business so I think we may need to sign up for the paid service even though our queries won't exceed the free limits.

    I'll look into the others you've listed too. Probably just add one at a time. What log(s) should I be monitor to check for effectiveness with the RBL?
    From Spamhaus web site:

    *Definition: "non-commercial use" is use for any purpose other than as part or all of a product or service that is resold, or for use of which a fee is charged. For example, using our DNSBLs in a commercial spam filtering appliance that is then sold to others requires a data feed, regardless of use volume. The same is true of commercial spam filtering software and commercial spam filtering services.

    A company that uses our DNSBLs solely to filter their own email qualifies as a non-commercial user and may use our free public DNSBLs if that company's email volume and DNSBL query volume is below the free use limits. The same is true for any non-profit organization, school, religious organization, or private individual who operates their own mail server.

  6. #6
    czguy is offline Senior Member
    Join Date
    Jan 2014
    Posts
    69
    Rep Power
    1

    Default

    Quote Originally Posted by babyporch View Post
    From Spamhaus web site:

    *Definition: "non-commercial use" is use for any purpose other than as part or all of a product or service that is resold, or for use of which a fee is charged. For example, using our DNSBLs in a commercial spam filtering appliance that is then sold to others requires a data feed, regardless of use volume. The same is true of commercial spam filtering software and commercial spam filtering services.

    A company that uses our DNSBLs solely to filter their own email qualifies as a non-commercial user and may use our free public DNSBLs if that company's email volume and DNSBL query volume is below the free use limits. The same is true for any non-profit organization, school, religious organization, or private individual who operates their own mail server.
    Thank you, this clarifies things and I read the same on Spamhaus' website as well. I think we meet the criteria for free so I will be implementing this today.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. whitelist, dnsbl order
    By aurfalien in forum Administrators
    Replies: 3
    Last Post: 05-24-2009, 12:29 AM
  2. New RBL/DNSBL
    By bhickey in forum Administrators
    Replies: 2
    Last Post: 12-19-2008, 06:01 AM
  3. DNSBL behind mail relay?
    By krag in forum Administrators
    Replies: 0
    Last Post: 08-21-2008, 09:43 AM
  4. Setting up DNSBL in Postfix
    By staufj22 in forum Administrators
    Replies: 0
    Last Post: 10-18-2007, 10:26 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •