I was just reading a few of the lists this morning and noticed the usual problems with using an RBL to block mail at the MTA level (name removed to protect the original poster’s identity):
“But the problem is, some of my users also are unable to send their emails using SMTP server as their “dynamic” IP is banned because some of the IPs are listed in spamhaus. They keep getting the error above. How can I rectify this? Is there a command for me to add to allow user based on their IP address or email address?”
Solution available: none if you insist on using spamhaus to block mail at the MTA level.
Denying access to your MTA based on RBLs is demented and wrong. Why? Because you cannot rely 100% on an RBL’s accuracy.
Does this mean that RBLs are inaccurate?
No, of course not. You just need to understand how they work and how to use them.
If you score against an RBL you will get the right results, because the decision rests on a number of criteria, i.e. there isn’t a “single point of failure”.
The root of the problem lies not with the RBL maintainers, some of whom even state on their respective sites that blocking is a bad idea, but with misinformed sysadmins.
If you are running a mail server for personal use you can do pretty much what you like, as you are the only person who is going to suffer if/when things go wrong. However, if you start implementing blocking in a business environment you are simply asking for trouble. Of course you are going to see a noticeable reduction in spam, simply because you’ll have blocked a large portion of the internet.
Spamhaus is a fantastic resource and can help to significantly reduce the amount of spam arriving in your users’ mailboxes, but it is not a good idea to block all mail emanating from IP ranges listed by it.
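To make the difference between blocking and scoring concrete, here is an added example (not code from the original post) that runs both policies over the same three constructed messages. The zone name, the listed addresses, the test names, the weights and the threshold are all assumptions chosen for illustration, and the lookup is an offline stand-in for a real DNS query.

```python
import ipaddress

DNSBL_ZONE = "dnsbl.example"               # placeholder zone (assumption)
LISTED = {"203.0.113.45", "198.51.100.7"}  # constructed listings, stand in for DNS answers

# Hypothetical weights and threshold; a real filter tunes these per site.
WEIGHTS = {"dnsbl": 2.5, "uri_listed": 3.0, "bad_helo": 1.0, "spammy_body": 2.0}
THRESHOLD = 5.0

def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """Name a DNSBL client resolves: IPv4 octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def is_listed(ip):
    """Offline stand-in for resolving dnsbl_query_name(ip)."""
    return ip in LISTED

def block_policy(msg):
    """MTA-level blocking: a single listing decides the outcome."""
    return "reject" if is_listed(msg["client_ip"]) else "accept"

def score_policy(msg):
    """Scoring: the listing is one weighted test among several."""
    hits = {"dnsbl": is_listed(msg["client_ip"])}
    hits.update({k: bool(msg.get(k)) for k in WEIGHTS if k != "dnsbl"})
    score = sum(WEIGHTS[k] for k, hit in hits.items() if hit)
    return ("tag_spam" if score >= THRESHOLD else "accept"), score

# Constructed sample messages.
MESSAGES = {
    "user_on_listed_dynamic_ip": {"client_ip": "203.0.113.45"},
    "bulk_spam": {"client_ip": "198.51.100.7", "uri_listed": True,
                  "spammy_body": True},
    "clean_sender": {"client_ip": "192.0.2.10"},
}

if __name__ == "__main__":
    for name, msg in MESSAGES.items():
        print(name, dnsbl_query_name(msg["client_ip"]),
              block_policy(msg), score_policy(msg))
```

The user on the listed dynamic IP is rejected outright by the blocking policy but accepted under scoring, while the bulk message is still caught because several tests agree.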
Some recent discussion on the SURBL list has centred on the length of time an IP is listed in Spamhaus. Although it makes interesting reading from a theoretical point of view, its practical implications are not going to bring any significant change to usage. The idea that an IP may be listed for a brief period and then delisted as the issue is addressed is not unique to Spamhaus. In reality the only thing that matters is whether the IP is listed at the time of arrival on your scanning server, i.e. whether it will be flagged or not.