<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
- <title>HOWTO - Using the RBL</title>
+ <title>HOWTO - Using DNS Block Lists (DNSBLs)</title>
</head>
<body bgcolor="#FFFFFF" text="#00005A" link="#FF6600" alink="#FF9933" vlink="#990000">
- <h1>HOWTO - Using the RBL</h1>
+ <h1>HOWTO - Using DNS Block Lists (DNSBLs)</h1>
<p>The MAPS (Mail Abuse Protection System) RBL (Realtime Blackhole
- List) is a means of identifying hosts that have been associated
- with the sending of spam mail. A full description of the service
- and the technology and ethics behind it can be found at <a
+ List) was the first application of a way of using a DNS list as a
+ means of identifying hosts that have been associated with the
+ sending of spam mail. A full description of the service and the
+ technology and ethics behind it can be found at <a
href="http://www.mail-abuse.org/rbl/"><tt>http://www.mail-abuse.org/rbl/</tt></a>
along with more general mail policy information at <a
href="http://www.mail-abuse.org/"><tt>http://www.mail-abuse.org/</tt></a>.</p>
<p>In the few years since MAPS started operating, other similar
services although with different aims, procedures and
reliabilities have been introduced - MAPS itself has a number of
- these (ie MAPS/DUL which maintains lists of dial up modems), the
- other major source is <a href="http://www.orbs.org/">ORBS</a>,
- which is a more proactive relay blocking service</p>
+ these (ie MAPS/DUL which maintains lists of dial up modems). At
+ this point in time there are many 10s of services with varying
+ charters - lists of these can be found at <a
+ href="http://relays.osirusoft.com/"><tt>http://relays.osirusoft.com/</tt></a>
+ and <a
+ href="http://spamblock.outblaze.com/spamchk.html"><tt>http://spamblock.outblaze.com/spamchk.html</tt></a>.
+ The services are now normally referred to as a DNS Block List
+ (DNSBL), rather than RBLs, however you will find that earlier Exim
+ documentation (ie for version 3.x) will use the older term.</p>
- <p>Exim can use the MAPS RBL and/or any other similarly defined
- service (ie you could make your own additional maps as well). To
- use exim for this you need to be running version 1.80 or later,
- the configuration example in this document are specifically for
- version 3.00 and later - the old version of this document,
- covering older versions of exim can be found <a
- href="old_rbl.html">here</a>.</p>
-
- <h2>Exim RBL Support</h2>
+ <h2>Exim DNSBL Support</h2>
<p>Exim has supported RBL from version 1.80, although the
flexibility was increased (with a related change configuration
- options) on the release of Exim 3.00</p>
+ options) on the release of Exim 3.00. With the release of Exim
+ 4.00 the whole basis of policy checks on incoming mail changed
+ to be based on a set of Access Control Lists (ACLs) applied at
+ various during the incoming mail transaction. For this reason
+ the configuration of Exim 4.x and later to use DNSBLs is
+ complete different to that used for earlier versions.</p>
+
+ <h2>Exim 4.x DNSBL Usage</h2>
+
+ <p>In Exim 4.x a DNSBL lookup can be used in any of the incoming SMTP
+ ACLs. However it is typical for the lookups to be used in the ACL
+ handling <tt>RCPT TO</tt> - this allows policies to accept mail
+ for <tt>postmaster</tt> or other special local parts (for
+ example so a blocked sender can talk to the local postmaster
+ about getting blocks lifted or excluded)</p>
+
+ <p>The use of DNSBLs is substantially documented in the main exim
+ specification or the 4.x versions, so will not be covered in
+ detail here. However a couple of examples can be given</p>
+ <pre>
+ # Add a warning header if the sending host is in these
+ # DNSBLs but acccept the message (or rather leave it for
+ # later ACLs to accept/deny
+ warn message = X-blacklisted-at: $dnslist_domain
+ dnslists = blackholes.mail-abuse.org : \
+ dialup.mail-abuse.org
+
+
+
+ # Reject messages from senders listed in these DNSBLs
+ deny dnslists = blackholes.mail-abuse.org
+ </pre>
+
+ <p>Documentation on these features can be found in the
+ specification section on
+ <a href="../exim-html-4.20/doc/html/spec_37.html">
+ Access Control Lists</a>.</p>
+
+ <h2>Exim 3.x DNSBL Usage</h2>
<p>The exim RBL support allows one or more RBL systems to be
checked and messages from hosts within each RBL to be either
an RBL blocked site.</p>
- <h2>RBL Configuration Options</h2>
+ <h3>RBL Configuration Options</h3>
<p>These are fully detailed in the <a
href="../exim-html-3.20/doc/html/spec.html" target="_top">Exim
<p>A typical configuration would be a mail system which rejects
mail from machines that appear within either the MAPS RBL list or
- the MAPS DUL (Dial-Up List), and also checks hosts in the ORBS
+ the MAPS DUL (Dial-Up List), and also checks hosts in the RSS
lists but only marking each message has coming via an RBLed host
rather than rejecting them. Additionally all mail to the local
postmaster always gets through, even if the host is in the MAPS
configuration file) to do this is:-</p>
<pre>
-# reject messages whose sending host is in MAPS/RBL
-# add warning to messages whose sending host is in ORBS
+# reject messages whose sending host is in MAPS/RBL & MAP/DUL
+# add warning to messages whose sending host is in RSS
rbl_domains = blackholes.mail-abuse.org/reject : \
dialups.mail-abuse.org/reject : \
- relays.mail-abuse.org/reject : \
- relays.orbs.org/warn
+ relays.mail-abuse.org/warn
# check all hosts other than those on internal network
rbl_hosts = !192.168.0.0/24:0.0.0.0/0
# but allow mail to postmaster@my.dom.ain even from rejected host
recipients_reject_except = postmaster@my.dom.ain
# change some logging actions (collect more data)
-rbl_log_headers # log headers of accepted RBLed messages
-rbl_log_rcpt_count # log recipient info of accepted RBLed messages
+rbl_log_headers # log headers of accepted RBLed messages
+rbl_log_rcpt_count # log recipient info of accepted RBLed messages
</pre>
<p>The information to do more complicated manipulations can be
<hr>
<address><a href="mailto:Postmaster@exim.org">Nigel Metheringham</a></address>
<!-- Created: Mon Aug 25 15:46:41 BST 1997 -->
- <h4>$Id: rbl.html,v 1.2 2000/08/01 08:34:21 nigel Exp $</h4>
+ <h4>$Cambridge$</h4>
</body>
</html>
git://git.exim.org / exim-website.git / blobdiff