[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Which RBL is Best ??

On Tuesday 20 January 2004 17:17, Dan Kriwitsky wrote:
> > I would be very interested in having a "conversation" with
> > you about this as I
> > am currently working to do just this (add a whitelist) to
> > several of my
> > cobalts.  Am "conversant" with sendmail and cf files...
>
> I believe, all you need to do is add:
>
> 12.34.56.789[TAB]OK
> #or
> example.com[TAB]OK
>
> To /etc/mail/access
> I haven't test it, but should be easy enough to do so.

Dan,

  Yes, that is ok for "individual" entries.  What we are talking about though 
is a DNSBL list (like njabl, orbs, etc) but with "good guy" (whitelist) IP 
addresses that can be "tested" just like an RBL but the result is "OK" accept 
this mail vice "ERROR 5.7.1 rejected by....."

I run my own whitelist and blacklist (rbl-allow and rbl-deny respectively) and 
use this successfully on several systems to always "allow" mail from servers, 
hosts, systems that I know to be "good" guys, or that I know support and have 
an "active" abuse desk that takes action when I send them something.  Often 
it is nice to say "block all of client.attbi.com" _except_ "good_guy1" and 
"good_guy2" (being generally either customers or someone you know)... 
(strickly an example and not picking on attbi)...

Someone else mentioned an access list of about 15,000 entries.  I have 49,000 
plus entries in my rbl-allow table right now and access it the same as any 
other RBL (1.2.3.4 becomes 4.3.2.1.rbl-allow.domain.com) and can instantly 
"update" it for all the servers I run that support it vice having to go 
(connect) to each and update the respective access files.

Apologize for the discertation, just want you and others to understand the 
"advantage" of "whitelist" via DNSBL vice static access files and such...

-- 
Larry Smith
SysAd ECSIS.NET
sysad@xxxxxxxxx