Connection Checks

How to get here

Use the options on this page to enable/disable the DNS black lists for the current domain. Black lists are not enabled by default, so each new e-mail domain must enable the black lists.

DNS black lists compare the sender information from incoming messages against spam databases to identify spam. DNS black lists must be enabled at the server level before they are made available for use at the e-mail domain level. DNS black lists are then used at the domain level (when bound to an IP address), where administrators can choose which black lists to enable for the host.

After a black list is added, it displays in the Black List list. The black lists that are available to add are dependent upon which black lists are configured for the server.

Important: If a black list is not configured at the server level, it will not be available for selection to this page.

Administrators have the option to specify whether a message is deleted if it matches a specific number of standard DNS black lists plus the number of enabled verification checks.

Administrators can review messages that match the DNS black lists. If an e-mail matches the criteria of the black lists, an X-Header is inserted in the message indicating which black list it matched and why. The e-mail is then passed on to content filtering for further examination. The message is delivered if no other rules processing takes place.

The Trusted DNS Blacklist, is been combined with the Connection Checks List. It displays whether or not the black list is enabled for the domain, the server where the domain resides, and its query domain. The query domain usually matches the server domain name. However, sometimes a black list will contain multiple zones to query on the same server. When this happens, the server name and the query domain will be different. The only way to know this is to read the documentation for the black list being used.

Note: A match made on the Standard DNS Blacklist will follow the verification check selections

Domain. Shows the current selected domain. From the drop down you can pick any of the domains available to this administrative user account.

Connection Checks List

• DNS Black Lists. This column displays all existing black lists for the current domain. Click a black list to modify the black list options.
• Type. This column displays the type of lookup that the black list performs.
• Server. This column displays the domain name or IP address of the DNS server to contact for the corresponding black list's queries.
• Query Domain. This column displays the domain that is queried for the corresponding black list.
• Trusted. This check box is selected to enable it as a Trusted Black List.

  Note: A match made to the Trusted DNS Blacklist will automatically be deleted.

• Add. Click Add to create a new black list for the current domain. For more information, see Adding a DNS Black List.
• Delete. To delete a black list, select its corresponding check box, then click the Delete button.

Verification Checks:

Select any of the following verification tests to perform on incoming e-mail messages. If a message fails any of the checks, an X-Header is inserted into the message.

Note: These options are resource intensive and may slow down mail processing.

• Verify MAIL FROM Address. Select this check box to have the "From" address of the connecting server verified for each message to ensure that the user is a valid user on the mail server. If the user or server does not exist, the message is identified as spam.
• Perform Reverse DNS Lookup for Connecting Server. Select this check box to create a test in which the IP address of the connecting server is used to perform a reverse DNS lookup to determine the domain name. If a domain has a valid PTR record, the message is accepted. If a reverse lookup fails, it means there is no reverse record for that IP address and the message is marked as spam. An IP address with no PTR record is usually either from a dial-up connection or spoofed message, both of which are indicators of spam. However, keep in mind that a significant number of legitimate mail servers do not have a reverse DNS entry. This may cause legitimate mail to be marked as spam (false positive Many black lists used for connection filtering return hits for domains such as yahoo.com, hotmail.com, and msn.com, among others. If you use these black lists, non-spam e-mail from these domains may be identified as spam and processed according to the specified spam action.).
• Verify HELO / EHLO domain. Select this check box to create a test in which the domain passed during the HELO/EHLO is used to perform a DNS query to verify that the domain specified has an A record or an MX record The MX record identifies the domain name of the computer running the mail server (in this case, the IMail Server).. If this test fails, an X-Header is inserted into the message.
• Delete Message after x Matches. Select this check box to delete the message immediately if it matches x number of black lists plus verification check options. Enter a value that is not greater than the number of black lists plus the number of verification check options that are configured.
• Prefix Subject with. Select this check box to create a test in which, if selected, the subject of a message identified as spam by connection filtering is modified from the default text to begin with the text entered in the text box. This option does not apply if the Delete Message after x matches is selected and a message meets the criteria for the number of black list and verification check matches.

Important: The SMTPD service does not accept mail from clients that do not begin the SMTP conversation with "HELO" or "EHLO".

Save. Click to save your changes. An "Update Successful" message and the time of the update appear.

Related Topics

Adding to Black List

Server Level Antispam Options (Black Lists)

Understanding DNS Black Lists

How Black Lists Work

Setting DNS Black Lists Options

Setting White List Administration Options

IMail SMTP Settings - Control Access