Very close to what we're running with the exception of spamcop (high rate of false positives) and sorbs. We were running sorbs minus the pay-to-delist 'spam.dnsbl.sorbs.net' zone, but dropped them completely just a couple of days ago as an audit showed that 100% of what sorbs was catching was already covered by other lists.
We may use the occasional blackholes.us list as well depending on the server and/or a particular client's wishes, and also use bondedsender to help cut down on what could be considered false positives by some.
I'm a little taken aback that there are still people who would assert that dnsbls in general are ineffective, given all the evidence to the contrary. All it really takes is careful selection and a watchful eye.
Originally posted by AH-Tina Spam blacklists are a horrible way to combat spam.
What particular method(s) do you prefer?
Many legitimate emails WILL be lost.
I think it's rather disingenuous of you to attempt to paint all DNSBLs with such a broad brush. You've been around long enough to know that there are some publicly available DNSBL such as Spamhaus and the CBL that are balls-on accurate, widely used, highly respected, and very, very effective. The credibility of outfits like Spamhaus is no accident, and frankly, pretty much indisputable at this point..
My opinion, based on first-hand experience as well as anecdotal evidence, is that those who experience an unacceptably high rate of false positives (say, over 1% or so) have not bothered to match their choice of DNSBL to the type of traffic hitting their machines or to the needs of their customers. You can't just indiscriminately slap a handful of DNSBLs into your MTA config and expect miracles to happen. Sadly, this is exactly what many inexperienced admins do.
Everyone knows that there lists out there that are pure crap, hence my "careful selection and watchful eye" comment in a previous post. Again, it is up to the individual server admin to determine which is which and then choose accordingly based on his or her own needs.
Make sure you let your customers know that you are censoring their email if you use one.
Censorship would imply rejection based on content. DNSBLs block based on source/source history history. That said, I agree that anyone downstream of any type of spam filtering scheme should be made aware of said filtering.