Additional blacklist filtering options

Problem reported by echodreamz - 12/22/2025 at 1:38 PM

Submitted

Spamhaus is helping us get our total query count down by moving some of their checks to the SMTP-level and rejecting on that rather than letting rSpamd do all the queries.

Curently, SmarterMail can only do checks against their zen.dq.spamhaus.net list. However, they are also wanting us to query the sender domain, the helo hostname and the reverse hostname of the IP address.

Since SM can only do queries for the IP address, Spamhaus is telling us to move to Postfix as it offers more flexibility with the reject_rhsbl_sender, reject_rhsbl_helo and reject_rhsbl_reverse_client options.

We'd like to avoid going to postfix if possible.

1 Reply

Reply to Thread

Douglas Foster Replied

12/22/2025 at 8:14 PM

Declude and Declude Reboot can be easily configured to do those checks against any standard RBL service

Declude's redundancy optimizations seem to prevent asking the same question of different RBLs, so I am planning to use a Python module within Declude.

This is most efficient if you are willing to do silent discard. Declude has an option to stop processing on first delete. Note that t cannot run in the SMTP session.

Another option:

I found that 66% of all messages are for non-existent or terminated accounts. So I do recipient verification and discard messages with no valid recipients. If you do the same, your Spamhaus query counts will drop accordingly.

Implementation note: on an hourly basis, I copy my active user list to a database, the ln Declude checks the database for valid users. My first attempt queried directly from the inbound gateway to the post office server, but I realized that was putting too much strain on the server that I was trying to protect.

Back to Community Threads

Please leave this box unchecked

Reply to Thread

Enter the verification text