Tuesday, November 22, 2011

Using Public SPAM Blacklists With Sendmail

There are many publicly available lists of known open mail relay servers and spam-generating mail servers on the Internet. Some are maintained by volunteers, others are managed by public companies, but in all cases they rely heavily on complaints from spam victims. Some spam blacklists simply try to determine whether the e-mail is coming from a legitimate IP address.

The IP addresses of offenders usually remain on the list for six months to two years. In some cases, to provide additional pressure on the spammers, the blacklists include not only the offending IP address but also the entire subnet or network block to which it belongs. This prevents the spammers from easily switching their servers' IP addresses to the next available ones on their networks. If the spammer uses a public data center, their activities could also cause the IP addresses of legitimate e-mailers to be blacklisted. It is hoped that these legitimate users will pressure the data center's management to evict the spamming customer.

You can configure sendmail to use its dnsbl feature to query these lists and reject the mail if a match is found. Here are some sample entries you can add to your /etc/ file; each entry should be on a single line.

  • RFC-Ignorant: A valid IP address checker.

FEATURE(`dnsbl', `',`"550 Mail from " $&{client_addr} " refused. Rejected for bad WHOIS info on IP of your SMTP server - see"')

  • Easynet: An open proxy list.

FEATURE(`dnsbl', `', `"550 5.7.1 ACCESS DENIED to OPEN PROXY SERVER "$&{client_name}" by DNSBL  ("', `')dnl

  • Spamcop: A spammer blacklist.

  • Spamhaus: A spammer blacklist.

FEATURE(`dnsbl',`',`Rejected - see')dnl


  • Visit the URLs listed in each FEATURE command to learn more about the individual services.
  • Be sure to run the script from the beginning of the chapter for these changes to take effect.
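
What a dnsbl lookup does on the wire, as an added example that is not from the original post: the client IP's octets are reversed, the list's zone is appended, and an A record in 127.0.0.0/8 means the address is listed. The zone `dnsbl.example.org`, the function names and the sample data are constructed placeholders; the self-test uses the RFC 5782 test addresses so that a dead or wildcarded list is skipped instead of rejecting all mail.

```python
import ipaddress
import socket

LOOPBACK = ipaddress.IPv4Network("127.0.0.0/8")

def dnsbl_query_name(client_addr, zone):
    """Reverse the IPv4 octets and append the list's DNS zone."""
    ip = ipaddress.IPv4Address(client_addr)  # raises ValueError on bad input
    return ".".join(reversed(str(ip).split("."))) + "." + zone.strip(".")

def system_resolver(name):
    """A records for name; an empty list when the name does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def is_listed(client_addr, zone, resolve=system_resolver):
    """Listed means at least one A record inside 127.0.0.0/8."""
    answers = resolve(dnsbl_query_name(client_addr, zone))
    return any(ipaddress.IPv4Address(a) in LOOPBACK for a in answers)

def zone_is_sane(zone, resolve=system_resolver):
    """RFC 5782 test points: 127.0.0.2 is always listed, 127.0.0.1 never is."""
    return (is_listed("127.0.0.2", zone, resolve)
            and not is_listed("127.0.0.1", zone, resolve))

def verdict(client_addr, zone, resolve=system_resolver):
    """Decision for one list: 'skip' (list failed self-test), a 550 reply, or 'accept'."""
    if not zone_is_sane(zone, resolve):
        return "skip"
    if is_listed(client_addr, zone, resolve):
        return "550 Mail from %s refused" % client_addr
    return "accept"

# Constructed sample data: a working list and a wildcarded one (placeholder zone).
ZONE = "dnsbl.example.org"
LIVE = {"2.0.0.127." + ZONE: ["127.0.0.2"],   # mandatory test entry
        "7.2.0.192." + ZONE: ["127.0.0.4"]}   # 192.0.2.7 is listed

def fake_live(name):
    return LIVE.get(name, [])

def fake_wildcard(name):
    return ["127.0.0.2"]                      # answers for every name

if __name__ == "__main__":
    for addr in ("192.0.2.7", "203.0.113.9"):
        print(addr, verdict(addr, ZONE, fake_live), verdict(addr, ZONE, fake_wildcard))
```

Running the self-test against each configured zone on a schedule shows when a list has stopped answering or has started listing every address.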

