Spamhaus Zen

seanbranagh · ‎02-08-2007

Anyone using this list? Is it any good?
I have spent much of today researching and locking down my postfix servers after an unexplained, sudden increase in spam to my own mailbox which has seen virtually no spam for the past four years despite having no spam protection whatsoever.
Aswell as putting quite a few smtp restrictions in place I have made use of this list. I suppose time will tell.

fourfourdevon · ‎10-09-2010

Spamhaus is one of, if not the best in terms of reputation.
But it depends on who and why your being targeted, you may need to implement other blacklists and measures too.
If you can justify the cost, putting MessageLabs between the internet and your email server is pretty much the ultimate in email filtering.

seanbranagh · ‎02-08-2007

I really couldn't justify using Message Labs. My full time employer does use it though and it is very good. In the entire time I have worked there I (nor anyone else I work with) have had an issue with spam or missing emails.
I woke up this morning, checked my phone (personal, part time work email) and found no spam so hopefully yesterday's measures worked. I will trawl the maillogs later to confirm this.

seanbranagh · ‎02-08-2007

Spamhaus has caused a problem with some of my users sending outgoing mail from BT connections:
"It is the policy of BT Retail that unauthenticated email sent from this IP address should be sent out only via the designated outbound mail server allocated to BT Retail customers."
They were being blocked by the PBL for this reason so I have had to remove zen.spamhaus.org and just add sbl.spamhais.org and xbl.spamhaus.org
The strange thing is that the server IS configured and DOES use SASL authentication?

zubel · ‎08-06-2007

SASL authenticated on port 25 perchance?
B.

seanbranagh · ‎02-08-2007

Yes.

seanbranagh · ‎02-08-2007

If I was to change the port would this resolve the issue?
That is not really an option. My users have difficulty setting up their mail clients with mostly default options. Changing the SMPT port would be a serious headace for me!

seanbranagh · ‎02-08-2007

I have ran into further issues with this. As an added measure I set postfix to reject connections from clients with no RDNS. This seams fair enough as it is used by AOL.
Straight away I could see a large amount of rubbish being rejected by the server based on this but it also caused a problem.
Many of my users use O2 phones including myself. All of these phones connect through addresses in the range 82.132.x.x on which O2 have no RDNS records?

How can I configure postfix to allow connection from this IP range despite having no RDNS but block connections from all other IP's with no RDNS?

seanbranagh · ‎02-08-2007

I have work out how to get round the previous issue using a client access map. Looking through the mail log for the past few hours I can see rejected connections from barracuda and xbl.spamhaus.org (I omited their RBL list due to the previous issue) about every 10 minutes. None of which would appear to be legimate email.
That should be a good dent in the amount of spam.
More importantly, it is now after 10am and I have not received a single phonecall from any clients reporting missing emails. Fingers crossed

Spamhaus Zen

Spamhaus Zen

Re: Spamhaus Zen

Re: Spamhaus Zen

Re: Spamhaus Zen

Re: Spamhaus Zen

Re: Spamhaus Zen

Re: Spamhaus Zen

Re: Spamhaus Zen

Re: Spamhaus Zen