<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
- <title>HOWTO - Using the RBL</title>
+ <title>HOWTO - Using DNS Block Lists (DNSBLs)</title>
</head>
<body bgcolor="#FFFFFF" text="#00005A" link="#FF6600" alink="#FF9933" vlink="#990000">
- <h1>HOWTO - Using the RBL</h1>
+ <h1>HOWTO - Using DNS Block Lists (DNSBLs)</h1>
<p>The MAPS (Mail Abuse Protection System) RBL (Realtime Blackhole
- List) is a means of identifying hosts that have been associated
- with the sending of spam mail. A full description of the service
- and the technology and ethics behind it can be found at <a
+ List) was the first application of a way of using a DNS list as a
+ means of identifying hosts that have been associated with the
+ sending of spam mail. A full description of the service and the
+ technology and ethics behind it can be found at <a
href="http://www.mail-abuse.org/rbl/"><tt>http://www.mail-abuse.org/rbl/</tt></a>
along with more general mail policy information at <a
href="http://www.mail-abuse.org/"><tt>http://www.mail-abuse.org/</tt></a>.</p>
<p>In the few years since MAPS started operating, other similar
services although with different aims, procedures and
reliabilities have been introduced - MAPS itself has a number of
- these (ie MAPS/DUL which maintains lists of dial up modems), the
- other major source was <a href="http://www.orbs.org/">ORBS</a>,
- which is a more proactive relay blocking service, however this has
- recently closed down. For this reason the examples now use RSS
- from mail-abuse.org in place of ORBS</p>
-
- <p>Exim can use the MAPS RBL and/or any other similarly defined
- service (ie you could make your own additional maps as well). To
- use exim for this you need to be running version 1.80 or later,
- the configuration example in this document are specifically for
- version 3.00 and later - the old version of this document,
- covering older versions of exim can be found <a
- href="old_rbl.html">here</a>.</p>
-
- <h2>Exim RBL Support</h2>
+ these (ie MAPS/DUL which maintains lists of dial up modems). At
+ this point in time there are many 10s of services with varying
+ charters - lists of these can be found at <a
+ href="http://relays.osirusoft.com/"><tt>http://relays.osirusoft.com/</tt></a>
+ and <a
+ href="http://spamblock.outblaze.com/spamchk.html"><tt>http://spamblock.outblaze.com/spamchk.html</tt></a>.
+ The services are now normally referred to as a DNS Block List
+ (DNSBL), rather than RBLs, however you will find that earlier Exim
+ documentation (ie for version 3.x) will use the older term.</p>
+
+ <h2>Exim DNSBL Support</h2>
<p>Exim has supported RBL from version 1.80, although the
flexibility was increased (with a related change configuration
- options) on the release of Exim 3.00</p>
+ options) on the release of Exim 3.00. With the release of Exim
+ 4.00 the whole basis of policy checks on incoming mail changed
+ to be based on a set of Access Control Lists (ACLs) applied at
+ various during the incoming mail transaction. For this reason
+ the configuration of Exim 4.x and later to use DNSBLs is
+ complete different to that used for earlier versions.</p>
+
+ <h2>Exim 4.x DNSBL Usage</h2>
+
+ <p>In Exim 4.x a DNSBL lookup can be used in any of the incoming SMTP
+ ACLs. However it is typical for the lookups to be used in the ACL
+ handling <tt>RCPT TO</tt> - this allows policies to accept mail
+ for <tt>postmaster</tt> or other special local parts (for
+ example so a blocked sender can talk to the local postmaster
+ about getting blocks lifted or excluded)</p>
+
+ <p>The use of DNSBLs is substantially documented in the main exim
+ specification or the 4.x versions, so will not be covered in
+ detail here. However a couple of examples can be given</p>
+ <pre>
+ # Add a warning header if the sending host is in these
+ # DNSBLs but acccept the message (or rather leave it for
+ # later ACLs to accept/deny
+ warn message = X-blacklisted-at: $dnslist_domain
+ dnslists = blackholes.mail-abuse.org : \
+ dialup.mail-abuse.org
+
+
+
+ # Reject messages from senders listed in these DNSBLs
+ deny dnslists = blackholes.mail-abuse.org
+ </pre>
+
+ <p>Documentation on these features can be found in the
+ specification section on
+ <a href="../exim-html-4.20/doc/html/spec_37.html">
+ Access Control Lists</a>.</p>
+
+ <h2>Exim 3.x DNSBL Usage</h2>
<p>The exim RBL support allows one or more RBL systems to be
checked and messages from hosts within each RBL to be either
an RBL blocked site.</p>
- <h2>RBL Configuration Options</h2>
+ <h3>RBL Configuration Options</h3>
<p>These are fully detailed in the <a
href="../exim-html-3.20/doc/html/spec.html" target="_top">Exim
<hr>
<address><a href="mailto:Postmaster@exim.org">Nigel Metheringham</a></address>
<!-- Created: Mon Aug 25 15:46:41 BST 1997 -->
- <h4>$Id: rbl.html,v 1.3 2001/05/10 11:24:39 nigel Exp $</h4>
+ <h4>$Id: rbl.html,v 1.5 2003/06/01 14:17:01 nigel Exp $</h4>
</body>
</html>