Reject but send to Quarantine
- Thread starter thiagotgc
- Start date
-
- Tags
- quarentine reject
I see, and thanks for the feedback tom!
I used Xeams for many years, and I'm starting to learn from PMG!
It turns out that my public IP here from the office is listed in an RBL, and even sending email from GMAIL WEB, PMG is rejecting, because it is checking my IP.
How should I make PMG check RBL from the server sending the message, in my case it would be from the GMAIL server.
I used Xeams for many years, and I'm starting to learn from PMG!
It turns out that my public IP here from the office is listed in an RBL, and even sending email from GMAIL WEB, PMG is rejecting, because it is checking my IP.
How should I make PMG check RBL from the server sending the message, in my case it would be from the GMAIL server.
haha ha
Yes, but I can't do it for everyone, unfortunately ...
So I am looking for a solution without losing security
How many public IP you have?
If your public IP is blacklisted, either delist the IP or ask your ISP to give you a clean new public IP.
I don't think you understand.
The problem is not only with my IP (I gave just one example from me)
I'm having a lot of false positives with RBL.
I would like to be able to lower my score, or to prevent emails listed on the RBL from being rejected, but sent to quarantine ...
The problem is not only with my IP (I gave just one example from me)
I'm having a lot of false positives with RBL.
I would like to be able to lower my score, or to prevent emails listed on the RBL from being rejected, but sent to quarantine ...
Increase your DNSBL threshold and add multiple RBL server. This should reduce false positive.
But then if the IP is blacklisted on all your RBL servers, it will get bloacked at the end.
Look at my Advancing Proxmox Mail Gateway (especially Spam and Virus Detection) thread. You're using dnsbl.spfbl.net twice, so any hit will directly show as 2 hits and will result in reject. You use sorbs, which has somehow one of the most false-positives possible, so you just need an extra hit, any the mail get rejected as well, ... So your set is for sure a worse one.
zen.spamhaus.org*2,bl.spamcop.net*2,psbl.surriel.com*2,spamrbl.imp.ch*2,noptr.spamrats.com*2,escalations.dnsbl.sorbs.net*2,bl.score.senderscore.com*2,bl.spameatingmonkey.net*2,rbl.realtimeblacklist.com*2,dnsbl.dronebl.org*2,ix.dnsbl.manitu.net,b.barracudacentral.org,truncate.gbudb.net,bl.blocklist.de with threshold of 2 is a good set with really few false positives, zen.spamhaus.org,bl.spamcop.net,psbl.surriel.com,spamrbl.imp.ch,noptr.spamrats.com,escalations.dnsbl.sorbs.net,bl.score.senderscore.com,bl.spameatingmonkey.net,rbl.realtimeblacklist.com,dnsbl.dronebl.org,ix.dnsbl.manitu.net,b.barracudacentral.org,truncate.gbudb.net,bl.blocklist.de is more safe setup with somehow zero false positives, but a few false negatives (undetected spam), also with threshold of 2
looks good and yes, keep it at 2. if you see too much false-positives, remove all *2, which will reduce all lists to just tagging (or in other words requiring a minimum of 2 lists for rejecting)
As @hata_ph referred to: Threshold is a score to meet with DNSBL hits, 1 mean just one hit is required, 2 mean two lists need to have the IP listed etc., with *2 you can weight lists, so if a minimum of 2 is requires, two lists without multiplication are required or just one list with *2, you could also use *-1 or any other negative value to weight in whitelists (I don’t recommend as somehow I didn’t saw any reliable whitelist yet). My set is optimized as I saw somehow none (or really really rare) false-positives on *2-lists (but you can improve by removing *2 to no false-positives) and the others have very very low false-positives. I don’t use lists, which for sure are great but have many false-positives to outweighed them by whitelists like JustSpam, rbldns.ru, Hostkarma, ... as again, whitelists are not reliable.