Realtime Blacklists (Server Level)

How to get here

Server level Realtime Blacklists are spam databases that store information about IP addresses that are known to send spam. IP addresses that have open mail relays (relays mail for anyone) are also commonly listed in blacklists, because those servers have the potential to be easily hijacked by spammers. Each blacklist compares the IP addresses from which an e-mail is sent against the spam database to look for a match. If a domain's IP address is listed in one of the blacklists, mail from that domain should be suspected of being spam.

All blacklists must be configured and enabled at the server level before an IMail e-mail domain can use them. This lets a system administrator decide which blacklists to allow an e-mail domain to use. Only blacklists that are enabled on the Realtime Blacklists page are available for use in domain (host) level configurations.

Use Realtime Blacklists Options to add, edit and delete server blacklists. All blacklists that are currently configured for the server are displayed in the realtime blacklist. The realtime blacklist information is stored in the "spamblkm.txt" file located in the "...\IMail" top directory.

Note: Realtime Blacklists must be enabled at the server level before they are made available for use at the email domain level. Realtime blacklists ar then used at the domain level (when bound to an IP address), where administrators can choose which blacklists to enable for the host on the Connection Checks (Connection Checks Overview, Connection Checks) page.

Realtime Blacklist

• Realtime Blacklist Name. Enter a name in the text box to identify a new blacklist. This can be any name that you want, and will be used in log lines to identify the blacklist entry.
• Type. Select the type of lookup that the blacklist performs from the list box.
  • ADDR (ADDRESS). This type of blacklist uses a message's "FROM" address to determine whether the message is spam.
  • DNS. This type of blacklist checks the IP address of the connecting SMTP server against spam databases to determine whether the message is spam. If the IP address is listed in one of the blacklist's databases, the message is identified as spam.
  • HELO. This type of blacklist checks the domain supplied in the HELO or EHLO command to determine whether to accept the message. The domain name that is given in the HELO/EHLO command must match the IP address.
  • RHS (RIGHT-HAND SIDE). This type of blacklist checks the information following the @ symbol supplied in the "MAIL FROM" command to determine whether the message is spam.
• Server. In the text box, enter the domain name or IP address of the DNS server to contact for blacklist queries. This field contains an asterisk (*) by default, which indicates that the default IMail Server DNS is used for blacklist queries, where it relays the DNS query to the DNS server for the blacklist. Using the asterisk eliminates the need to enter the IP address or domain.
• Query Domain. In the text box, enter the domain to query in the zone file. This name usually matches the server domain name. However, sometimes a blacklist will contain multiple zones to query on the same server. When this happens, the server name and the query domain will be different. The only way to know this is to read the documentation for the blacklist being used.
• Enable. Select the check box to enable the blacklist.
• TCP/IP First. Some blacklists, especially ones that supply .txt records, have packets that are too large to transmit via the UDP protocol. These lists disable UDP access and require TCP to query the blacklist. Select this check box to allow the administrator to flag a list as one of these types.
• Add. Click this button to Add to Realtime Blacklist page.
• Edit. Select an item and click this button to Edit the Realtime Blacklist to the Realtime Blacklist.
• Delete. Select an item to delete and click the Delete button.

Important: Updates made to the Realtime Blacklist will not successfully update until the "Save" button has been clicked, and the message "Your changes have been saved" is displayed at the top.

Save. Click to save your settings. An "Update Successful" message and the time of the update appear.

Related Topics

Server Level Anti-spam Options (Blacklists)

Understanding Realtime Blacklists

How Blacklists Work

Adding a Realtime Blacklist

Setting Connection Checks Options (Connection Checks Overview, Connection Checks)