
Why not use Spamhaus? Why not use Proofpoint or any other DNSBL?

Why not use Spamhaus?

Because since the Snowden revelations, nobody has guaranteed to us that Spamhaus is not a GCHQ operation. If I were the GCHQ, then Spamhaus would be mine, wouldn’t it?

A quotation from the Spamhaus website (http://www.spamhaus.org/organization/):

At 29 May 2021 the Spamhaus Blocklists are protecting an estimated 3,126,410,000 user mailboxes

So, Spamhaus checks the IPs of all incoming mails for 3.7 billion mailboxes. If every mailbox received only 2 mails per day, then Spamhaus gets significant knowledge about the senders and receivers of 7 billion e-mails per day - in real time, and hundreds of milliseconds before the actual transfer happens. For GCHQ and NSA, 100 ms would be time enough for doing many things, e.g. programming special interception routes.

Spamhaus works fantastically effectively, and for this reason, most e-mail administrators all over the world have abandoned other DNSBLs in favour of Spamhaus, which nowadays has almost turned into a monopoly in this area.

For years I wondered how this tiny nonprofit organization and the CEO residing near Monaco could be this effective and handle such a huge amount of requests every day at zero visible cost for their users. Well, there is a list of sponsors; however, this never really dispelled the doubts.

Why not use Proofpoint or any other DNSBL?

Is there any guarantee that it is not operated by or under the control of an unethical organization?

At any rate, you delegate the control of important parts of your daily communication to persons whom you have never seen. Does this make much sense? - … huh!

What to use instead?

Greylisting is almost as effective, and it stays under our control. My Postfix mail transfer agents are running on FreeBSD, and Greylisting is achieved with mail/greyfix.

/usr/local/etc/postfix/main.cf

...
smtpd_recipient_restrictions = permit_mynetworks,
                               permit_sasl_authenticated,
                               check_policy_service unix:private/greyfix,
                               check_recipient_access hash:/usr/local/etc/postfix/invalid_recipients,
                               permit
...

/usr/local/etc/postfix/master.cf

...
# CUSTOM ADDITIONS
greyfix   unix  -       n       n       -       -       spawn
   user=nobody argv=/usr/local/sbin/greyfix -/ 24 -g 60 -r {DEFER_IF_PERMIT Please try again in %d s} -G {PREPEND X-Greylisting: deferred for %d s}
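
An added example, not part of the original post and not greyfix's own code: a simplified Python model of the decision a greylisting policy service makes for each recipient, using the `-/ 24`, `-g 60`, `-r` and `-G` values from the master.cf entry above. The in-memory table, the function names and the sample request are assumptions made for illustration; greyfix's real storage and expiry handling are not modelled.

```python
import ipaddress

PREFIX_BITS = 24   # "-/ 24": key on the client's IPv4 /24 network, not the single address
DELAY = 60         # "-g 60": seconds a newly seen triplet stays deferred
DEFER = "DEFER_IF_PERMIT Please try again in %d s"     # the -r template from master.cf
PASSED = "PREPEND X-Greylisting: deferred for %d s"    # the -G template from master.cf

# Constructed sample request in Postfix policy delegation format (name=value, blank line ends it).
SAMPLE = ("request=smtpd_access_policy\nprotocol_state=RCPT\nclient_address=192.0.2.17\n"
          "sender=alice@example.org\nrecipient=bob@example.net\n\n")

def parse_request(text):
    """Parse one policy request into a dict, stopping at the terminating blank line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def triplet(attrs):
    """Greylisting key: (client network, envelope sender, envelope recipient). IPv4 only."""
    net = ipaddress.ip_network(f"{attrs['client_address']}/{PREFIX_BITS}", strict=False)
    return (str(net), attrs.get("sender", "").lower(), attrs.get("recipient", "").lower())

def decide(db, attrs, now):
    """Return the access action at time `now` (s); db maps triplet -> [first_seen, passed]."""
    entry = db.setdefault(triplet(attrs), [now, False])
    waited = now - entry[0]
    if waited < DELAY:                 # first contact or too-early retry: temporary failure
        return DEFER % (DELAY - waited)
    if not entry[1]:                   # first retry after the delay: accept and tag the message
        entry[1] = True
        return PASSED % waited
    return "DUNNO"                     # known triplet: leave the decision to later restrictions

def reply(action):
    """Format the policy server's answer as Postfix expects it."""
    return f"action={action}\n\n"

if __name__ == "__main__":
    db, req = {}, parse_request(SAMPLE)
    for t in (0, 20, 75, 500):
        print(t, reply(decide(db, req, t)).strip())
```

In the main.cf above, the policy check sits after permit_mynetworks and permit_sasl_authenticated, so only mail from unauthenticated outside clients reaches this decision.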

Keywords: DNSBL, GCHQ, Greylisting, NSA, Snowden, Spamhaus

Copyright © Dr. Rolf Jansen - 2015-12-20 13:00:45
