maRBL 1.1 review

Download
by rbytes.net on

maRBL project is a policy daemon for Postfix that lets you trigger any Postfix action as a result of an RBL match. There are only

License: GPL (GNU General Public License)
File size: 8K
Developer: Ian Campbell
0 stars award from rbytes.net

maRBL project is a policy daemon for Postfix that lets you trigger any Postfix action as a result of an RBL match.

There are only a couple good, practical options for spam filtering, but none of them are 100% effective. Statistical filters can come very close to perfection, but at the cost of CPU time -- you can't filter something until you've received it and spent some time analyzing it -- and there are few good options for blocking hosts outright.

What about RBLs?
RBLs are simple, fast and efficient but they frequently have false positives. There's an implicit level of trust required: you have to trust RBL administrators to add and remove hosts in a timely and accurate fashion from their lists. The problem is that only a fraction of lists are entirely automated, mosts have humans involved in the process, and humans are fallible. Worse, humans are vindictive, many lists go for 'collateral damage' by blocking large ranges of IP addresses in an effort to arm-twist ISPs into being more responsive about their spam problem.

What about Greylisting?
Greylisting relies on the fact that most spam is no longer sent through 'real' mail servers, and instead is sent from subpar SMTP engines. Greylisting forces senders to wait for a period of time and retry, something many of these engines are incapable of. The problems are that it fares poorly when handling mail from large ISPs that have SMTP clusters (there's no guarantee that the retry will come from the same IP address), that it introduces more delay to the process of receiving an email, and that occasionally you will run across non-RFC compliant mailservers that treat a temporary delivery failure as a permanent one.

Requirements:
Net::Server::Multiplex - This can be found in FreeBSD ports as net/p5-Net-Server
Net::RBLClient - This can be found in FreeBSD ports as dns/p5-Net-RBLclient
Perl
Postfix

What's New in This Release:
This release has the ability to query p0f to selectively greylist clients based on their operating system.

maRBL 1.1 keywords