How Are Blacklists Used? (Part 2)

Originally posted on RBLTracker Blacklist Check Service blog.

In Part 1 of our series we talked about what RBLs are, and the different types of RBLs. In this article, we’ll talk more about how they can be used by administrators to control the flow of SPAM into their networks.

How Are They Used?

Most mail server software can be configured to make requests against DNSBLs, and reject or accept mail, based on if the sending mail servers IP address is listed in the DNSBL. Or in the case of URIBLs, if a domain name or website URL found in the body of the message is listed.

Example

As a quick example, the Exim mail transfer agent (MTA) supports specifying one or more DNSBLs during the ACL processing of an inbound SMTP message.

exim_rbl

Exim will make a DNS lookup request on the sending mail servers’ IP address, and if found in the DNSBL, can reject the message with a specific error message.

The Postfix MTA allows administrator to add one or more DNSBLs using the reject_rbl_client configuration option in the smtpd_recipient_restrictions option.

postfix_rbl

You can also do a simple check on Windows, Mac, and Unix, using the command line nslookup tool. Simply reverse the digits in your IP address, and prefix it to one of the DNSBL host names.

So for example, if your IP address was 127.0.0.2 and you wanted to check the bl.spamcop.net DNSBL, you would do a DNS lookup on: 2.0.0.127.bl.spamcop.net:

manual_lookup

Check back for Part 3 of our series where I talk about how RBLs affect organizations, and why they can be an important part of your day-to-day administration.

Leave a Reply

Your email address will not be published. Required fields are marked *