{"id":2785,"date":"2010-03-04T22:45:52","date_gmt":"2010-03-05T02:45:52","guid":{"rendered":"http:\/\/blogs.n1zyy.com\/n1zyy\/?p=2785"},"modified":"2010-03-04T22:45:52","modified_gmt":"2010-03-05T02:45:52","slug":"weighted-dnsbls-with-postfix","status":"publish","type":"post","link":"https:\/\/blogs.n1zyy.com\/n1zyy\/2010\/03\/04\/weighted-dnsbls-with-postfix\/","title":{"rendered":"Weighted DNSBLs with Postfix"},"content":{"rendered":"

For a really<\/em> long time, I’ve been dreaming about the perfect mailserver setup. It would be almost perfect at telling spam from non-spam; it would include calendaring and a web GUI that actually looked good; it would be fast; it wouldn’t have issues sending mail to various ISPs…<\/p>\n

My current — far from perfect — mailserver runs postfix-policyd<\/a>, but the old version. It has a few features I love. I can easily set up spamtraps, for example, by just adding them to the relevant MySQL table. I have HELO-based restrictions: if you connect and say “HELO n1zyy.com” or “HELO 64.191.108.120” (my hostname or IP), your IP is blacklisted for a few days. If you email a spamtrap, your IP is blocked for a few days. It does greylisting, but I can do it per-mailbox — and even on the fly, it seems.<\/p>\n

That’s not quite perfection, though. What I’ve really wanted for a long time is the ability to do weighted DNSBLs. Individually, trusting any DNSBL is bad. Even though most are reputable, if one person says you’re a spammer, that shouldn’t stop you. If multiple people say you’re a spammer, though, block away. Ideally, I’d be able to set per-list scores; if a conservative list says you’re a spammer, that counts a lot more than the lists that list whole netblocks.<\/p>\n

policyd-weight<\/a> turns out to be exactly what I want, and more. As the name implies, it computes a weight based on a variety of factors, looking at DNSBLs (and RHSBLs!) and also the HELO. I think I’m going to toy with this a bit, but it looks promising.<\/p>\n

Tangentially, Atmail<\/a> (@Mail) is the first webmail client I’ve ever seen that actually looks good. And it looks really<\/em> good. It’s not only closed-source, though, it’s expensive. But it’s still tempting.<\/p>","protected":false},"excerpt":{"rendered":"

For a really long time, I’ve been dreaming about the perfect mailserver setup. It would be almost perfect at telling spam from non-spam; it would include calendaring and a web GUI that actually looked good; it would be fast; it … Continue reading →<\/span><\/a><\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2785","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.n1zyy.com\/n1zyy\/wp-json\/wp\/v2\/posts\/2785","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.n1zyy.com\/n1zyy\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.n1zyy.com\/n1zyy\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.n1zyy.com\/n1zyy\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.n1zyy.com\/n1zyy\/wp-json\/wp\/v2\/comments?post=2785"}],"version-history":[{"count":0,"href":"https:\/\/blogs.n1zyy.com\/n1zyy\/wp-json\/wp\/v2\/posts\/2785\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.n1zyy.com\/n1zyy\/wp-json\/wp\/v2\/media?parent=2785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.n1zyy.com\/n1zyy\/wp-json\/wp\/v2\/categories?post=2785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.n1zyy.com\/n1zyy\/wp-json\/wp\/v2\/tags?post=2785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}