Educause Security Discussion mailing list archives
Re: DNS blacklists
From: "Tupker, Mike" <mtupker () MTMERCY EDU>
Date: Mon, 18 May 2009 13:22:57 -0500
Yep, I meant sbl-xbl.spamhaus.org. For the most part we’ve had good results from spamcop. Surriel was one of the ones we’ve started having problems with lately as well as abuseat.org. After reviewing the stats for the RBL usage on our spam appliance I think I may also ditch most of them. The barracuda one is catching over 90% of the RBL blocks and spamhaus is second (but not a close second). Thank you to everyone who responded. Mike Tupker Systems Administrator Mount Mercy College From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of McClenon, Braden Sent: Monday, May 18, 2009 12:59 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] DNS blacklists Did you mean sbl-xbl.spamhaus.org? We were using zen.spamhaus.org until our Barracuda’s internal “Pseudo-RBL” became good enough that querying Zen didn’t seem worth the look-ups anymore. I found psbl.surriel.com to have too many false positives, and I’ve heard the same about spamcop. I’ve heard others say psbl.surriel.com is good as part of a Bayesian scoring system though. Honestly, I’ve only heard complaints about spamcop, but that’s not to say there aren’t supporters out there. Also, cbl.abuseat.org is included in xbl.spamhaus.org. See http://www.spamhaus.org/xbl/. So you could get rid of that one. Brady McClenon Senior Server Administrator SUNY Oneonta From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ben Williams Sent: Monday, May 18, 2009 1:19 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] DNS blacklists We utilize zen.spamhaus and b.barracuda. The only complaints we have received are from users being blocked when sending mail from home (POP/IMAP users). Where necessary we have added exceptions for them. When we added the barracuda list our top spam recipients saw approximately a 50% decrease in quarantined spam. While that does not translate to a 50% reduction in spam for everyone, it certainly does lighten the load on our spam filter system. Ben Williams
"Tupker, Mike" <mtupker () MTMERCY EDU> 5/18/2009 12:38 PM >>>
Hi, I was just curious what other campus’ are using in terms of DNS blacklist when it comes to email? They are very handy but recently a few of them have been the source of some complaints from our users. Currently we are using: Rbl-xbl.Spamhaus psbl.surriel.com cbl.abuseat.org bl.spamcop.net dnsbl.njabl.org Barracudacentral – by default in our barracuda device I know we are probably using more lists than is necessary, but I’m sure you all know how cranky people can get if they find a single spam message in their inbox. Mike Tupker Systems Administrator Mount Mercy College
Current thread:
- DNS blacklists Tupker, Mike (May 18)
- <Possible follow-ups>
- Re: DNS blacklists Dexter Caldwell (May 18)
- Re: DNS blacklists Dexter Caldwell (May 18)
- Re: DNS blacklists Ben Williams (May 18)
- Re: DNS blacklists McClenon, Braden (May 18)
- Re: DNS blacklists Tupker, Mike (May 18)
- Re: DNS blacklists Jesse Thompson (May 21)
- Re: DNS blacklists Jesse Thompson (May 21)