DNS blacklists (DNSBL)
NOTE: This feature requires a properly configured DNS server. If the DNS server is not properly configured (and this occurs often enough!), a time out will occur and email will be processed slowly. For more information see the GFI Knowledgebase article `KBID001770'.
GFI MailEssentials supports a number of DNS blacklists, which can be configured from the DNS blacklists node. DNS blacklists are databases of SMTP servers that have been used for spamming. There are quite few third party DNS blacklists available, ranging from reliable lists that have clearly outlined procedures for getting on or off the DNS blacklist to less reliable lists.
When an email is sent, it is passed through a number of SMTP servers until it reaches the final destination. The IP address of each of these SMTP servers is recorded in the email header. GFI MailEssentials will check all the public IPs found in the message header with the DNSBL database configured (example: ordb.org).
The ORDB list is an Open Relay Database maintained by ORDB.org. ORDB.org is a non-profit organization, which stores IP addresses of verified open SMTP relays. These relays are likely to be, used as conduits for sending unsolicited bulk email, also known as spam. By accessing this list, system administrators are allowed to choose to accept or deny email exchange with servers at these addresses.
How it works
GFI MailEssentials will check all the public IPs found in the message header with the DNSBL database configured (example: ordb.org). GFI MailEssentials will record all the IPs checked in an internal database and will not perform further checks with the DNSBL for the same IPs. The IP addresses are kept in the database for 4 days, or until the Simple Mail Transport Protocol service is restarted.
Screenshot 41 - The DNS blacklist properties
To enable the DNS blacklist:
- Right click on the Anti Spam > DNS Blacklist node and select Properties.
- Click on `Check whether the sending mail server is on one of the following DNS Blacklists:'.
- Now select the appropriate DNS blacklists that you wish to check incoming mail against. For example relays.ordb.org
NOTE: You can click on the Test button to check if the selected blacklists are available.
NOTE: Querying a DNS blacklist can be slow (depending on your connection), so mail can be slowed down a little bit, especially if you query against multiple DNS blacklists.
You can also add more DNS Blacklists to the ones already listed by clicking on the Add button.
Screenshot 42 - Adding more DNS blacklists
Specify the domain containing the DNSBL (e.g. sbl.spahaus.org) in the dialogue on display and click on the OK button.
To change the order of reference for an enabled DNS blacklist, click on the relative blacklist and then click on the Up or Down buttons to move it up or down in the list according to the required priority. The DNSBL feature will reference enabled blacklist starting from the top.
To edit or delete a blacklist from GFI MailEssentials, click on the required blacklist and subsequently click on the Edit or Delete button accordingly.
Actions tab
After you have specified which DNS blacklists will be referenced, click on the Actions tab to specify what you want to do with emails marked as spam by this filter. For more information on possible actions, please refer to the `Actions - what to do with spam mail' section in this chapter.
Other tab
Please refer to the `Other options' section in this chapter.
