From LedHed's Wiki
Jump to: navigation, search
Line 24: Line 24:
 
== Postfix RBL Controls ==
 
== Postfix RBL Controls ==
  
To perform RBL checks in [http://www.postfix.org Postfix] use ''reject_rbl_client rbl.provider'' under ''smtpd_recipient_restrictions'''
+
To perform RBL checks in [http://www.postfix.org/uce.html#smtpd_sender_restrictions Postfix UCE Controls] use ''reject_rbl_client rbl.provider'' under ''smtpd_client_restrictions'''
  
  smtpd_recipient_restrictions =
+
  smtpd_client_restrictions =
    permit_mynetworks
+
    ...
+
    ...
+
 
     reject_rbl_client sbl-xbl.spamhaus.org
 
     reject_rbl_client sbl-xbl.spamhaus.org
    ...
 
    ...
 
 
 
Its a good idea to put ''reject_rbl_client'' higher up in the list because it can eliminate the need to perform other checks which use system resources.
 
 
 
  
 +
This checks the senders IP early on, saving system resources.
  
  
  
 
[[Category:Postfix]]
 
[[Category:Postfix]]

Revision as of 20:44, 25 March 2007

Real Time Blacklists RBL's are lists of IP addresses which are known to send SPAM.

Reference: http://www.spamhaus.org


How RBL's Work

RBL's work through DNS queries. Mail servers perform a dns lookup of the senders IP address through a RBL (such as zen.spamhaus.org). If the senders IP is listed in the RBL, then your mail server can perform an action (usually Bounce the Message)


Considerations

By implementing RBL's you are giving a 3rd party control over your mail server. If the RBL mistakenly lists the wrong IP then legitimate mail could get bounced/rejected. Before implementing RBL's make sure the RBL is trustworthy and builds its lists based upon your needs. There are many RBL's available, each doing different things. Some build their lists based upon Dynamic IP ranges, others based on viruses, and others based on "Spam Traps". The bottom line is be careful!


Postfix RBL Controls

To perform RBL checks in Postfix UCE Controls use reject_rbl_client rbl.provider under smtpd_client_restrictions'

smtpd_client_restrictions =
    reject_rbl_client sbl-xbl.spamhaus.org

This checks the senders IP early on, saving system resources.