Blacklist Filter resource...for Postfix (Linux)

by Morten Holmensen

Welcome to the DNS BlackList Resource Center.
For week-by-week success and failure data for a specific blacklist, select a blacklist from the list below.

Blacklists with data available for public display:

l2.apews.org bhnc.njabl.org cbl.abuseat.org t1.dnsbl.net.au list.dsbl.org unconfirmed.dsbl.org blackholes.five-ten-sg.com korea.services.net luckyseven.dnsbl.net

no-more-funn.moensted.dk psbl.surriel.com spam.spamrats.com noptr.spamrats.com dyna.spamrats.com dnsbl.sorbs.net blacklist.spambag.org bl.spamcannibal.org bl.spamcop.net

dnsbl.tqmcube.com ubl.unsubscore.com dnsbl-1.uceprotect.net dnsbl-2.uceprotect.net dnsbl-3.uceprotect.net UCEPROTECT All Lists db.wpbl.info zen.spamhaus.org 0spam.fusionzero.com

Each blacklist detail page contains thirteen weeks worth of data, graphically represented. Each green bar represents the weekly average percentage of spam that would be blocked by use of that list. Each red bar represents the weekly average percentage of ham (non-spam) that would be blocked by use of that list. The spam and ham buckets are unique; therefore it is possible to have both a high accuracy rate against spam and a high false positive rate against non-spam.

For every 10% of accuracy, ten out of one hundred spams were successfully blocked by a given list. For every 5% of inaccuracy, one out of every twenty desired emails was blocked by a given list.

Quick DNSBL Stats
21 days	39794 spams	1515 hams
DNSBL Zone	Accuracy % (against spam)	Inaccuracy % (against non-spam)
zen.spamhaus.org	81%	0%
bl.spamcop.net	62%	0%
psbl.surriel.com	53%	0%
l2.apews.org	84%	27%
blackholes.five-ten-sg.com	26%	43%

All that above you should add to your filter list...
on your mail server reject list...

Your Postfix filter could look like that:
and you could find it in file structure

*/etc/postfix/main.cf

you could edit file with "vi" or "nano"
and some where in the file you find ...

broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client list.dsbl.org,
# reject_rbl_client zen.spamhaus.org,
# reject_rbl_client dnsbl.sorbs.net,
# reject_rbl_client l2.apews.org,

after you add all reject list
reload your postfix system.
you can do it like that

$: postfix reload
postfix/postfix-script: refreshing the Postfix mail system
(the response should look like that, and next like should be empty)


@ author is not responsible of list functionality above, adding is at your own risk.!