revue des RBLs
This commit is contained in:
parent
4dd6f03248
commit
782f079a3a
|
@ -209,7 +209,7 @@ postscreen_greet_banner = Welcome! Are you a zombie?
|
|||
# RBL
|
||||
# If score >=2, reject with 550
|
||||
postscreen_dnsbl_threshold = 10
|
||||
postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..255]*9,
|
||||
postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]*9,
|
||||
bl.spamcop.net*9,
|
||||
b.barracudacentral.org*8,
|
||||
cbl.abuseat.org*8,
|
||||
|
@ -228,7 +228,7 @@ postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..255]*9,
|
|||
all.s5h.net*5,
|
||||
bl.mailspike.net*5,
|
||||
cidr.bl.mcafee.com*5,
|
||||
hostkarma.junkemailfilter.com=127.0.0.4*4,
|
||||
hostkarma.junkemailfilter.com=127.0.0.3*4,
|
||||
aspews.ext.sorbs.net*2,
|
||||
dnsblchile.org*1,
|
||||
hostkarma.junkemailfilter.com=127.0.0.1*-6
|
||||
|
@ -287,10 +287,10 @@ Dans `/etc/whitelister.conf` :
|
|||
~~~
|
||||
sock: /var/spool/postfix/private/whitelister.ctl
|
||||
|
||||
rbl: zen.spamhaus.org
|
||||
#rbl: zen.spamhaus.org
|
||||
rbl: bl.spamcop.net
|
||||
rbl: b.barracudacentral.org
|
||||
rbl: cbl.abuseat.org
|
||||
#rbl: cbl.abuseat.org
|
||||
rbl: dnsbl.sorbs.net
|
||||
rbl: ix.dnsbl.manitu.net
|
||||
rbl: psbl.surriel.com
|
||||
|
@ -307,34 +307,18 @@ rbl: dnsbl.inps.de
|
|||
rbl: bl.blocklist.de
|
||||
rbl: all.s5h.net
|
||||
rbl: bl.score.senderscore.com
|
||||
rbl: rbl.rbldns.ru
|
||||
#rbl: rbl.rbldns.ru
|
||||
rbl: dnsbl.cobion.com
|
||||
rbl: bl.mailspike.net
|
||||
rbl: cidr.bl.mcafee.com
|
||||
rbl: dnsblchile.org
|
||||
#rbl: dnsblchile.org
|
||||
rbl: aspews.ext.sorbs.net
|
||||
rbl: l2.spews.dnsbl.sorbs.net
|
||||
|
||||
rhbl_client: dsn.rfc-clueless.org
|
||||
rhbl_client: postmaster.rfc-clueless.org
|
||||
rhbl_client: abuse.rfc-clueless.org
|
||||
rhbl_client: whois.rfc-clueless.org
|
||||
rhbl_client: bogusmx.rfc-clueless.org
|
||||
|
||||
rhbl_sender: dsn.rfc-clueless.org
|
||||
rhbl_sender: postmaster.rfc-clueless.org
|
||||
rhbl_sender: abuse.rfc-clueless.org
|
||||
rhbl_sender: whois.rfc-clueless.org
|
||||
rhbl_sender: bogusmx.rfc-clueless.org
|
||||
|
||||
rhbl_helo: dsn.rfc-clueless.org
|
||||
rhbl_helo: postmaster.rfc-clueless.org
|
||||
rhbl_helo: abuse.rfc-clueless.org
|
||||
rhbl_helo: whois.rfc-clueless.org
|
||||
rhbl_helo: bogusmx.rfc-clueless.org
|
||||
|
||||
dns_client: 1
|
||||
dns_rev_client: 1
|
||||
|
||||
verb: 0
|
||||
~~~
|
||||
|
||||
Ajouter la ligne à la directive `smtpd_recipient_restrictions` du fichier `/etc/postfix/main.cf` :
|
||||
|
@ -367,17 +351,17 @@ $ dig +short 8.8.8.8.clients.rbl.gcolpart.com
|
|||
|
||||
Il existe de très nombreuses RBLs pour IP... le problème est leur fiabilité et leur politique pour en sortir.
|
||||
|
||||
Voici une liste de RBLs que nous utilisons (août 2015) :
|
||||
Voici une liste de RBLs que nous utilisons (ou pas) :
|
||||
|
||||
| RBL | Notre confiance | Lien (optionel) |
|
||||
|-----|-----------------|-----------------|
|
||||
|clients.rbl.gcolpart.com|100%|<http://mx.evolix.net/>|
|
||||
|zen.spamhaus.org|90%|<http://www.spamhaus.org/>|
|
||||
|zen.spamhaus.org (127.0.0.X)|90%|<http://www.spamhaus.org/> (depuis 2020 possible d'avoir des réponses en 127.255.255.25X si rate-limiting etc.)|
|
||||
|bl.spamcop.net|90%|<https://www.spamcop.net/bl.shtml>|
|
||||
|b.barracudacentral.org|80%|<http://barracudacentral.org/>|
|
||||
|cbl.abuseat.org|80%|<http://cbl.abuseat.org/>|
|
||||
|cbl.abuseat.org|80%|<http://cbl.abuseat.org/> (inutile, racheté par SpamHaus début 2021)|
|
||||
|bl.score.senderscore.com|80%|<http://www.senderscore.com/>|
|
||||
|hostkarma.junkemailfilter.com (127.0.0.2)|80%|<http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists>|
|
||||
|hostkarma.junkemailfilter.com (127.0.0.2)|80%|<http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists> (attention 127.0.0.1 signifie liste blanche)|
|
||||
|dnsbl.sorbs.net|70%|<http://www.sorbs.net/>|
|
||||
|ix.dnsbl.manitu.net|60%|<http://www.dnsbl.manitu.net/>|
|
||||
|psbl.surriel.com|50%|<http://psbl.org/>|
|
||||
|
@ -395,20 +379,19 @@ Voici une liste de RBLs que nous utilisons (août 2015) :
|
|||
|bl.mailspike.net|50%|<http://www.mailspike.net/>|
|
||||
|cidr.bl.mcafee.com|50%|<http://www.mcafee.com/> (semble indispo ce jour, sept 2023)|
|
||||
|bl.spamcannibal.org|40%|<http://spamcannibal.org> (indispo depuis juin 2019)|
|
||||
|hostkarma.junkemailfilter.com (127.0.0.4)|40%|<http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists>|
|
||||
|work.drbl.gremlin.ru|40%|<http://gremlin.ru/soft/drbl/en/>|
|
||||
|work.drbl.gremlin.ru|40%|<http://gremlin.ru/soft/drbl/en/> (parfois très lente à répondre)|
|
||||
|aspews.ext.sorbs.net|20%|<http://www.aspews.org/>|
|
||||
|l2.spews.dnsbl.sorbs.net|10%|<http://www.spews.org> ?|
|
||||
|rbl.rbldns.ru|10%|<http://www.rbldns.ru/index.php/en/>|
|
||||
|rbl.rbldns.ru|10%|<http://www.rbldns.ru/index.php/en/> (parfois très lente à répondre)|
|
||||
|dnsblchile.org|10%|<http://www.dnsblchile.org/>|
|
||||
|dnsbl.stopspam.org|0%|<http://www.stopspam.org>|
|
||||
|dnsbl.proxybl.org|0%|<http://proxybl.org/>|
|
||||
|pbl.spamhaus.org|N/A|<https://www.spamhaus.org/pbl/>|
|
||||
|pbl.spamhaus.org|N/A|<https://www.spamhaus.org/pbl/> (inclus dans `zen.spamhaus.org`)|
|
||||
|
||||
|
||||
### RBL pour les domaines expéditeur / HELO
|
||||
### RBL pour les domaines expéditeur / HELO
|
||||
|
||||
<http://rfc-clueless.org/> est particulier, cela liste tous les domaines qui ne respectent pas les RFC, y compris GMAIL & co :)
|
||||
Attention, RFC^2 (RFC Clueless) s'est arrêté définitivement en 2023.
|
||||
|
||||
### URIBL : les RBLS pour les URI / noms de domaines
|
||||
|
||||
|
@ -721,7 +704,7 @@ score RCVD_IN_HOSTKARMA_BL 3.0
|
|||
header RCVD_IN_HOSTKARMA_BR eval:check_rbl_sub('HOSTKARMA-lastexternal', '127.0.0.4')
|
||||
describe RCVD_IN_HOSTKARMA_BR Sender listed in HOSTKARMA-BROWN
|
||||
tflags RCVD_IN_HOSTKARMA_BR net
|
||||
score RCVD_IN_HOSTKARMA_BR 1.0
|
||||
score RCVD_IN_HOSTKARMA_BR 2.0
|
||||
|
||||
ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
|
||||
urirhssub URIBL_HOSTKARMA_BL hostkarma.junkemailfilter.com. A 127.0.0.2
|
||||
|
|
Loading…
Reference in a new issue