Wednesday, July 14, 2004

Realtime black lists

Trying to prevent the denial of service and spam attacks that I was getting, I looked into setting up some real time black lists for Postfix. I tried relays.ordb.org and xbl.spamhaus.org. ORDB.org is a black list that only lists verified open relays. The Spamhaus Project has two black lists
  1. xbl.spamhaus.org lists machines that have illegal 3rd party exploits, like proxies, worms and trojan exploits.
  2. sbl.spamhaus.org lists machines that have been verified UBE sources
I ended up not using xbl.spamhaus.org, since it didn't seem to be catching the zombie machines that were sending email to me. Also in some ways, I don't want to block spam, since I want my Bayesian filters to be as accurate as possible, so I want to scan all of the spam that I am sent.