Note: Note:
|
SMTP Protocol Level DNS Blacklist Filtering Due to spammers' changing tactics, SMTP protocol level DNSBL filtering is susceptible to a denial-of-service (D-O-S) attack. Thus CMS now believes that DNS blacklist lookup should only be done at the message level, not the SMTP protocol level. Read more on this issue here. |
A DNS blackhole list (DNSBL) is an actively maintained DNS server with a database of IP addresses associated with Internet mail servers judged to be abusive on one or more spam-related criteria: known open relay, dial-up IPs used by spammers, etc. Praetor will use the IP session of the open connection request from a sending mail host to query the DNSBL. If the query response indicates the IP address is listed in the DNSBL database, then Praetor will refuse the connection attempt.
The original DNS blackhole list is known as the Real-time Blackhole List or RBL™. It was created and is actively maintained by the Mail Abuse Organization (visit their Mail Abuse Prevention System or MAPS™ website and learn more about this anti-spam DNS server). When this service was started, it was offered freely and any mailhost could send a DNS query to determine if an IP address was found in the MAPS RBL database. As of July 31st, 2001, RBL was no longer offered as a free service and access would be restricted to those willing to pay their subscription fee. Once the MAPS fee is paid, MAPS will register the IP address of your mailhost that will query the MAPS RBL server. Your mailhost will then be authenticated when MAPS server receives a DNS RBL query from Praetor.
Additional servers are available from MAPS:
RSS (Relay Spam Stopper)
DUL (Dial-up User List)
OPS (Open Proxy Stopper).
These three servers along with the original RBL are all conveniently checked in a single query when you pay the fee to subscribe to the RBL+ service.
If you have a local DNS server with a subscription to the MAPS service, Praetor will issue the query locally. This takes advantage of the cache in your DNS and makes subsequent access much faster. If the information is not available locally, your DNS server will then forward the query to the MAPS server.
To set up Praetor, simply make sure that the IP address of your local DNS server appears in Control Panel Networking applet, under TCP/IP properties for the DNS servers. Then enter the MAPS domain in the Praetor administration program DNSBL field.
Note:
|
For those with high messaging volume, it would be even more efficient to enter into a zone transfer subscription with MAPS. Under this arrangement, a copy the entire MAPS databases would reside on your local DNS server that presumably would be far more responsive than a DNS query made to the MAPS servers that are also accessed by their other customers. |
It is possible to configure Praetor and have it directly query MAPS RBL or RBL+. This special configuration is needed because of MAPS subscription which registers the IP address of your machine that will perform queries against their servers. These comments and instructions do not apply to directly querying other (free) DNS Blackhole List servers.
CMS does not recommend you configure Praetor to make this direct MAPS query due to several known limitations:
No other software (e.g. Windows Update, Internet Explorer, etc.) can make DNS queries.
If Praetor is co-resident with your local Exchange, Domino, or other SMTP mail server, then Praetor must be set to filter and deliver all Internet-bound mail. Your mail server will not be able to deliver directly.
Only a single DNSBL can be used.
If, after all these limitations and against CMS recommendation you still want to set Praetor to query the DNSBL server directly, then click here.
There are other DNS blackhole list servers available besides MAPS RBL and RBL+, many of which are available without charge. Examples include NJABL (combined.njabl.org) and Spamhaus (sbl-xbl.spamhaus.org).
If you want to use any of them, simply enter their server domain name in the DNSBL field.
Note:
|
From our experience, these free servers may be available one day only to disappear later without any notice. As free servers, the service they provide might collapse under the weight of their own popularity — without any revenue, the companies that operate the servers are unable to keep the servers responsive to the increasing volume of RBL queries. For example, two such free servers went off-line in 2000, ORBS and IMRSS, and Osirusoft shut itself in protest in 2003. The very first RBL server was from the Mail Abuse Prevention System (MAPS) organization. It has survived by charging for services beginning in July 2001. MAPS has enhanced RBL to include other databases such as the Relay Spam Stopper (RSS), Dial-Up List (DUL), Non-confirming Mailing List (NML), and Open Proxy Stopper (OPS). You can read more about these services on the MAPS website. For an exhaustive list of DNSBL servers, see this site - http://moensted.dk/spam/. If you use any free DNSBL servers, many of them accept donations
and could use your support in their efforts against spam. |
For more information on other Internet anti-spam resources see Appendix D including a glossary of spam-related terms.