Spamhaus Zen Alternatives

edited April 25 in Technical

I recently installed ISPConfig on a VPS and encountered an issue. All incoming emails were blocked by Spamhaus (rspamd) because I'm using Cloudflare. (WTF)

It seems that you can apply for a free Spamhaus DQS subscription for non-commercial use. Otherwise, you will have to pay from $250 per year. (Lmao)

My quick fix was to replace Spamhaus Zen with bl.spamcorp.net as a real-time blackhole list, and my plan is to test it before using it in production for small sites with limited email usage.

What free blacklists are you using, and what can you recommend?

Comments

  • A DNSBL is just one indicator to use for blocking mails. Use multiple factors when deciding to block mails (is the IP address listed in multiple DNSBLs? does the sender have a proper reverse DNS record? does the sender use a proper name for HELO/EHLO? does the name match its IP address? does the sender bother to use TLS?) If only one factor fails, use greylisting and see if the sender retries.

    Thanked by (2)xvps someTom
  • @cmeerw said:
    A DNSBL is just one indicator to use for blocking mails. Use multiple factors when deciding to block mails (is the IP address listed in multiple DNSBLs? does the sender have a proper reverse DNS record? does the sender use a proper name for HELO/EHLO? does the name match its IP address? does the sender bother to use TLS?) If only one factor fails, use greylisting and see if the sender retries.

    Yes, but the problem here is that Spamhaus blocked my mail server with the error: open/public resolver.

    See: https://www.spamhaus.com/resource-center/successfully-accessing-spamhauss-free-block-lists-using-a-public-dns/

  • @xvps said:

    @cmeerw said:
    A DNSBL is just one indicator to use for blocking mails. Use multiple factors when deciding to block mails (is the IP address listed in multiple DNSBLs? does the sender have a proper reverse DNS record? does the sender use a proper name for HELO/EHLO? does the name match its IP address? does the sender bother to use TLS?) If only one factor fails, use greylisting and see if the sender retries.

    Yes, but the problem here is that Spamhaus blocked my mail server with the error: open/public resolver.

    See: https://www.spamhaus.com/resource-center/successfully-accessing-spamhauss-free-block-lists-using-a-public-dns/

    Then add "don't use public resolvers to query DNSBLs" to the list. A lot of these are only free to use for small email servers, but by using public resolvers, it's impossible for them to tell who is using the DNSBL, so they block access for public resolvers (I don't think Spamhaus is the only one doing this).

  • skhron Hosting Provider

    @xvps, you can set up a local recursor (for example, Unbound) to be able to use Spamhaus DNSBLs.

    Answering your question, you really should not rely on any single DNSBL but use multiple ones for scoring.

    Thanked by (1)xvps
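
Added example, not code from any poster in this thread: a sketch of the multi-factor scoring discussed above that also treats Spamhaus's 127.255.255.x answers (documented by Spamhaus as query errors, including the public/open resolver case) as "list unusable" rather than as a listing. The function names, the accept/greylist/reject thresholds and the DNS answers are assumptions constructed for illustration; `lookup` is injected so the block runs offline.

```python
import ipaddress

# Spamhaus answers in 127.255.255.0/24 report a query problem, not a listing.
SPAMHAUS_ERRORS = {
    "127.255.255.252": "typing error in DNSBL name",
    "127.255.255.254": "query came through a public/open resolver",
    "127.255.255.255": "excessive number of queries",
}

def query_name(ip, zone):
    """Reverse the IPv4 octets and append the zone: 192.0.2.10 -> 10.2.0.192.<zone>."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def classify(answers):
    """Map one list's A records to 'clean', 'listed' or 'error: <reason>'."""
    for addr in answers:
        if addr in SPAMHAUS_ERRORS:
            return "error: " + SPAMHAUS_ERRORS[addr]
    return "listed" if any(a.startswith("127.") for a in answers) else "clean"

def decide(ip, zones, lookup, rdns_ok, helo_ok, tls_used):
    """Combine DNSBL hits with the other factors; thresholds are assumptions."""
    results = {z: classify(lookup(query_name(ip, z))) for z in zones}
    failed = [z for z, r in results.items() if r == "listed"]
    failed += [name for name, ok in (("rdns", rdns_ok), ("helo", helo_ok),
                                     ("tls", tls_used)) if not ok]
    unusable = [z for z, r in results.items() if r.startswith("error")]
    if not failed:
        action = "accept"
    elif len(failed) == 1:
        action = "greylist"   # one failed factor: see if the sender retries
    else:
        action = "reject"
    return action, failed, unusable

# Constructed sample data: a stand-in for DNS, keyed by query name.
FAKE_DNS = {
    "10.2.0.192.zen.spamhaus.org": ["127.255.255.254"],  # public-resolver error
    "10.2.0.192.bl.spamcorp.net": [],                    # no record: not listed
    "66.2.0.192.zen.spamhaus.org": ["127.0.0.2"],
    "66.2.0.192.bl.spamcorp.net": ["127.0.0.2"],
}
ZONES = ["zen.spamhaus.org", "bl.spamcorp.net"]

def fake_lookup(name):
    return FAKE_DNS.get(name, [])

if __name__ == "__main__":
    print(decide("192.0.2.10", ZONES, fake_lookup, True, True, True))
    print(decide("192.0.2.66", ZONES, fake_lookup, True, False, True))
```

A non-empty `unusable` list is the signal to fix the resolver (for example with a local Unbound, as suggested above) instead of dropping the list silently.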