How to get here
Use the options on this page to enable/disable the DNS black lists for the current domain. Black lists are not enabled by default, so each new e-mail domain must enable the black lists.
DNS black lists compare the sender information from incoming messages against spam databases to identify spam. DNS black lists must be enabled at the server level before they are made available for use at the e-mail domain level. DNS black lists are then used at the domain level (when bound to an IP address), where administrators can choose which black lists to enable for the host.
After a black list is added, it displays in the list. The black lists that are available to add are dependent upon which black lists are configured for the server. If a black list is not configured at the server level, it will not be available for an e-mail domain and will not be displayed on this page.
Administrators have the option to specify whether a message is deleted if it matches a specific number of standard DNS black lists plus the number of enabled verification checks.
Administrators can review messages that match the DNS black lists. If an e-mail matches the criteria of the black lists, an X-Header is inserted in the message indicating which black list it matched and why. The e-mail is then passed on to content filtering for further examination. The message is delivered if no other rules processing takes place.
A match made to this Standard DNS Blacklist will follow the verification check selections
- This column displays all existing black lists for the current domain. Click a black list to modify the black list options.
- This column displays the domain name or IP address of the DNS server to contact for the corresponding black list's queries.
- This column displays the domain that is queried for the corresponding black list.
- This column displays the type of lookup that the black list performs.
- Click to create a new black list for the current domain. For more information, see Adding a DNS Black List.
- To delete a black list, select its corresponding check box, then click the button.
Select any of the following verification tests to perform on incoming e-mail messages. If a message fails any of the checks, an X-Header is inserted into the message.
These options are resource intensive and may slow down mail processing.
- Select this check box to have the "From" address of the connecting server verified for each message to ensure that the user is a valid user on the mail server. If the user or server does not exist, the message is identified as spam.
- Select this check box to create a test in which the IP address of the connecting server is used to perform a reverse DNS lookup to determine the domain name. If a domain has a valid PTR record, the message is accepted. If a reverse lookup fails, it means there is no reverse record for that IP address and the message is marked as spam. An IP address with no PTR record is usually either from a dial-up connection or spoofed message, both of which are indicators of spam. However, keep in mind that a significant number of legitimate mail servers do not have a reverse DNS entry. This may cause legitimate mail to be marked as spam (false positive).
- Select this check box to create a test in which the domain passed during the HELO/EHLO is used to perform a DNS query to verify that the domain specified has an A record or an MX record. If this test fails, an X-Header is inserted into the message.
- Select this check box to delete the message immediately if it matches x number of black lists plus verification check options. Enter a value that is not greater than the number of black lists plus the number of verification check options that are configured.
- Select this check box to create a test in which, if selected, the subject of a message identified as spam by connection filtering is modified from the default text to begin with the text entered in the text box. This option does not apply if the is selected and a message meets the criteria for the number of black list and verification check matches.
The SMTPD service does not accept mail from clients that do not begin the SMTP conversation with "HELO" or "EHLO".
- Click to save your changes. An "Update Successful" message and the time of the update appear.
Server Level Antispam Options (Black Lists)
Understanding DNS Black Lists
How Black Lists Work
Setting DNS Black Lists Options
Setting White List Administration Options
IMail SMTP Settings - Control Access