RBL Real-time Block List
Posted On 2007年1月8日 星期一 at 於 凌晨2:36 by Lani最近在Mail Server系統上,準備增加了RBL的機制,先在網路上找了幾個RBL組織,Spamcop、Spamhaus、Njabl,但也發現一家不錯的組織ORDB結束了服務,真可惜,使得很多管理者必須再找其他的RBL組織,也造就了另一家組織,開始受到更多注意,那就是Njabl,以下為其組織的定義:
127.0.0.2 - open relays
127.0.0.3 - dial-up/dynamic IP ranges
127.0.0.4 - Spam Sources
This will include both commercial spammers as well as some dial-up direct-to-mx spammers and open proxies as it's not always possible to differentiate between these sources. For commercial spammers, once we have spam on file from some of their IPs, we may add their entire IP range if it can be reliably determined.
127.0.0.5 - Multi-stage open relays
Before adding multi-stage open relays to our list, we make an attempt to notify the NIC contacts for their IP space and give them at least one week to fix their systems. This type is deprecated. We no longer list multi-stage open relays.
127.0.0.6 - Passively detected "bad hosts"
These hosts have done things a proper SMTP server should not do. They're very likely to be spam proxies. We can't say much more about this. No supporting evidence is made available for listing these IPs.
127.0.0.8 - Systems with insecure formmail.cgi or similar CGI scripts which turn them into open relays
This includes the output IP when a server with an insecure formmail CGI smarthosts outgoing email through another server or servers.
127.0.0.9 - Open proxy servers
Non-dial-up range entries will often have a descriptive TXT record which should indicate why the entry was added.
在我管理的MailServer上,新增了Spamhaus & Spamcop兩家組織,選擇Spamhaus & Spamcop的理由是他們有完整的Removal機制、良好的溝通管道、完整的說明資料,因此可以避免不少爭議,而我MailServer上的客戶有可能是在世界各地的某一角落,所以我在選擇RBL組織上必須很嚴謹,我必須增設白名單機制,才可縮小客戶使用問題。
白名單有bypass IP、Domain、Sender..