Add spamhaus & spamcop rbl

wget -nv -O /etc/spamassassin/spamhaus.cf https://www.amadex.com/spamhaus.cf
wget -nv -O /etc/spamassassin/spamcop.cf https://www.amadex.com/spamcop.cf
systemctl restart spamassassin
1 Like

Can you please give me some context? I don’t understand why are you posting those commands and what they do.

Well, I do.

We are downloading the config files from your server and restarting spamassasin.

1 Like

To add zen.spamhaus.org and spamcop.net rbl to spamassassin to (mostly) stop spam.

While I love Spamhaus, there is more to using it than simply downloading a configuration from a potentially untrusted third party. You may be trustworthy and your configuration file may well be benign, but one cannot know that without knowing how to make that evaluation.

Two important caveats in the use of Spamhaus data:

  1. Commercial use requires a subscription
  2. Use of a public resolver will ensure undesirable results
2 Likes

In addition to that, I’ve been running mail servers for almost 25 years now, and spamhaus and spamcop are among the worst, when looking at my experiences with false positives.
There’s only one of those I make use of; UCEprotect level 1; http://www.uceprotect.net/en/index.php?m=3&s=3

Most, if not all, the other RBLs will get you in trouble with complaining users.
Other than that, the other way around is still better, use scoring for whitelists, be sure you’re on it: https://www.dnswl.org/

1 Like

While I have long since outsourced my filtering, my experience with Spamhaus has been drastically different from yours. It is the only list that I trust enough to consider using in production, were I to resume running my own filtering.

Spamcop is useful to see where spamming is being currently reported, but I would never block solely based on a listing there. SORBS is similarly useful for reviewing opinions of reported activity and again not a list that I would consider reliable enough to use a sole criteria.

I have long considered UCEPROTECT to have questionable enough of a reputation, that I don’t even bother using it for research lookups, and I certainly would never include it in traffic policy decisions. If you obtain useful results with one of their lists, though, good for you. :+1:

1 Like

I’m using Spamhaus for our Plesk servers at company where I work. The clients are happy with less viagra/diabetes/gastritis/prince of nigeria messages.

1 Like

If you have users that often communicate with Brazil, Costa Rica, Italy, Poland, Serbia, Russia, China, Thailand, Cambodia, Laos, Japan, you definitely do not want to use spamhaus or spamcop. That I’ve learned. At the most give them a +0.2 added score in spamassassin or something…

And lately they’ve been joining the NATO/US/UK nonsense of disregarding and boycotting email from all countries that refuse to be US empire slaves. Just try any properly configured mail server from Iran or Syria and you’ll see it listed. It just has nothing to do with actual spam anymore, it’s politics and dirty games.

Please leave politics out of this forum, there are other places to discuss about. Here its for hestia only.

4 Likes

Seriously, this is exactly WHY I was mentioning that! It has nothing to do with politics, which is why I do not recommend using spamhaus or spamcop, because apparently FOR THEM spam has to do with politics.
You cannot deny the reality we’re living in, with regards to email abuse.

So you don’t recommend to use spamcop because of their political view…

That strikes to me as your political view opposed to theirs.

I personally don’t mind and maybe you don’t mean that, but what you wrote could be interpreted as a political point of view.

Nothing to do with a technical reason or directly related to the hestiaCP panel.

2 Likes

No, I don’t recommend them because they’ve infiltrated banning and blocking based on purely political views. Not based on if spam derives from certain domains or countries. By all means, if that’s your preference, use it. My users complain when they can’t receive perfectly safe and secure email from journalists in Syria or Iran. And frankly, flagging countries as spam-source is ridiculous, however which way you turn it.
In fact, for 2022 my spam-stats reveal that the number 3 sources of spam were using @online.ua, @volny.cz and @post.cz addresses. Am I then going to ban all email from .ua and .cz ? No, of course not.

I think spamhaus & spamcop rbl need to be updated. Debian 12, Hestiacp 1.8.1

Spamcop have a lot of false positive.
Spamhaus you need to use DQS and stop using the dns system.

I too have had problems with Spamhaus. a few months, they changed their policy requiring me to register my IP addresses on their white list. My IP addresses are clean as I never do spam. But I have no intention of complying with their new policy. My solution was to hash out spamhaus in the Hestia configuration file and just use Spam Cop - which does not have this requirement. My thanks to Hestia for giving us two choices for a spam filter. Spam Cop has been working well for me.
It is true that nearly all of my traffic is in the US - so I have no idea as to what is happening in other countries. For now, I am boycotting spam haus. I think they should go back to their old policies.