Table of ContentsPreviousNextIndex

Blacklist

The Black list is a custom database of email addresses & domains from which you never wish to receive emails. I.e. mails sent from these email addresses or domains will always be marked as spam.

The spam blacklist

The configuration of the blacklist is done from the Anti Spam > Blacklist/White list node. Right-click on this node to bring up the Blacklist/White list properties. Now click on the black list tab.

Adding a blacklisted email entry

To add a blacklisted domain or email address, click `Add'. Specify the full email address. If you wish to specify an entire domain, specify it as follows `*@spammer.com'. The `*' is a wildcard to include all email addresses from that domain.

You can also blacklist entire domain suffixes, for example *@*.jp. This will for example ensure that mail sent from japan is automatically marked as spam. Clearly you have to use these entries with care.

Then specify whether you want the blacklist entry to apply to the MIME TO: field or the MIME FROM: field. The MIME TO option allows you to blacklist email sent to a non existing email address. This could be handy if you want to avoid an NDR being sent and just want the email to be automatically deleted (for example mail sent to ex employees).

Third party DNS blacklists (DNSBL)

The DNSblacklist tab in the White list/Black list dialog contains the DNSblacklist options. GFI MailEssentials supports a number of DNSblacklists. DNSblacklists are databases of known spammers. These databases are queried ` DNS style'. There are a quite few third party DNSblacklists available, ranging from reliable lists that have clearly outlined procedures for getting on or off the DNSblacklist to less reliable lists.

The ORDB list is an Open Relay Database maintained by ORDB.org. ORDB.org is a non-profit organization, which stores an IP-addresses of verified open SMTP relays. These relays are, or are likely to be, used as conduits for sending unsolicited bulk email, also known as spam. By accessing this list, system administrators are allowed to choose to accept or deny email exchange with servers at these addresses.

When an email is sent, it is passed through a number of smtp servers until it reaches the final destination. The ip address of each of these smtp servers is recorded in the email header.

How it works

GFI MailEssentials will check all the public ips found in the message header with the DNSBL database configured (example: ordb.org). GFI MailEssentials will record all the ips checked in an internal database and will not perform further checks with the DNSBL for the same ips. The ip addresses are kept in the database for 4 days, or until the Simple Mail Transport Protocol service is restarted

Selecting a DNS blacklist

To enable the DNS blacklist:

  1. Click on `Check whether the sending mail server is on this DNSBL'.
  2. Now select the appropriate DNSblacklist you wish to check incoming mail against. For example relays.ordb.org
  3. Optionally you can select a second DNSblacklist, for example SpamHaus.

Note that querying a DNSblacklist can be slow (depending on your connection), so mail can be slowed down a little bit, especially if you query against 2 DNSblacklists.


Table of ContentsPreviousNextIndex