[152023] in North American Network Operators' Group
Re: The day SORBS goes away ...
daemon@ATHENA.MIT.EDU (Jon Lewis)
Mon Apr 9 20:23:35 2012
Date: Mon, 9 Apr 2012 20:22:55 -0400 (EDT)
From: Jon Lewis <jlewis@lewis.org>
To: Randy Bush <randy@psg.com>
In-Reply-To: <m2sjgczffj.wl%randy@psg.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, 10 Apr 2012, Randy Bush wrote:
> drop condition = ${if isip4{$sender_host_address}}
> message = blocked because $sender_host_address is \
> in blacklist at $dnslist_domain: $dnslist_text
> !dnslists = list.dnswl.org
> dnslists = dialups.mail-abuse.org \
> : rbl-plus.mail-abuse.org \
> : dnsbl.sorbs.net \
> : zen.spamhaus.org
> logwrite = REJECT because $sender_host_address listed in $dnslist_domain
>
> works pretty well for me. looking forward to a bit of ipv6 prophylaxis
If you were to move dialups.mail-abuse.org below zen.spamhaus.org
(assuming these are checked in the order they're entered in the config),
I'm curious if dialups.mail-abuse.org would block anything. If it did,
I'd be curious if those were FPs. :)
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
