Blacklist Filter resource...for Postfix (Linux)

by Morten Holmensen

Welcome to the DNS BlackList Resource Center.
For week-by-week success and failure data for a specific blacklist, select a blacklist from the list below.

Blacklists with data available for public display:

l2.apews.org bhnc.njabl.org cbl.abuseat.org t1.dnsbl.net.au list.dsbl.org unconfirmed.dsbl.org blackholes.five-ten-sg.com korea.services.net luckyseven.dnsbl.net

no-more-funn.moensted.dk psbl.surriel.com spam.spamrats.com noptr.spamrats.com dyna.spamrats.com dnsbl.sorbs.net blacklist.spambag.org bl.spamcannibal.org bl.spamcop.net

dnsbl.tqmcube.com ubl.unsubscore.com dnsbl-1.uceprotect.net dnsbl-2.uceprotect.net dnsbl-3.uceprotect.net UCEPROTECT All Lists db.wpbl.info zen.spamhaus.org 0spam.fusionzero.com

Each blacklist detail page contains thirteen weeks worth of data, graphically represented. Each green bar represents the weekly average percentage of spam that would be blocked by use of that list. Each red bar represents the weekly average percentage of ham (non-spam) that would be blocked by use of that list. The spam and ham buckets are unique; therefore it is possible to have both a high accuracy rate against spam and a high false positive rate against non-spam.

For every 10% of accuracy, ten out of one hundred spams were successfully blocked by a given list. For every 5% of inaccuracy, one out of every twenty desired emails was blocked by a given list.

Quick DNSBL Stats
21 days	39794 spams	1515 hams
DNSBL Zone	Accuracy % (against spam)	Inaccuracy % (against non-spam)
zen.spamhaus.org	81%	0%
bl.spamcop.net	62%	0%
psbl.surriel.com	53%	0%
l2.apews.org	84%	27%
blackholes.five-ten-sg.com	26%	43%

All that above you should add to your filter list...
on your mail server reject list...

Your Postfix filter could look like that:
and you could find it in file structure

*/etc/postfix/main.cf

you could edit file with "vi" or "nano"
and some where in the file you find ...

broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client list.dsbl.org,
# reject_rbl_client zen.spamhaus.org,
# reject_rbl_client dnsbl.sorbs.net,
# reject_rbl_client l2.apews.org,

after you add all reject list
reload your postfix system.
you can do it like that

$: postfix reload
postfix/postfix-script: refreshing the Postfix mail system
(the response should look like that, and next like should be empty)


@ author is not responsible of list functionality above, adding is at your own risk.!

What is a DNSBL?.

What is a DNS BlackList?
by Morten Holmensen

A DNSBL is a DNS (domain name service)-based spam blocking list. Some people call them blacklists, while others call them blocklists.

These blacklists are IP address-based. This means that they contain IP addresses, generally of email servers that you might receive spam from, or that the blacklist maintainer has indeed received spam from. There are dozens of such lists available, all compiled with different criteria, at every conceivable point in the sanity spectrum. Some lists work better than others, and some list maintainers are more trustworthy and respectable than others.

The original (and still primary) use for DNSBLs is to block mail. Most mail servers nowadays have DNSBL support (either built in, or through use of a plug-in) that allows a mail server administrator to block mail from sites listed on a specific DNSBL. The site would choose to do this as part of their attempt to reduce the amount of spam their users would receive.

More recently, DNSBLs are often used as a part of spam scoring system, such as SpamAssassin. If you’re listed on a spam blacklist that is referenced in a spam scoring system, your spam score could be increased by some amount. (The amount varies and is often configurable.) If that, in addition to other scoring tests performed, makes an email’s score rise above a certain level, it could be discarded, or routed to the spam folder.

Note: you might hear people refer to “RBLs” when talking about spam blocking. The first DNSBL was called the RBL, created by a company I once worked for, the Mail Abuse Prevention System (MAPS). MAPS claims “RBL” as a service mark, but as far as I can tell, anybody using the term RBL is usually using it interchangeably with DNSBL.