Realtime blacklists are databases of known spammers. These databases contain IP addresses that are known to send spam. They also contain IP addresses that have open mail relays, because a spammer can easily use these systems to send out spam.
IMail Server uses realtime blacklists during connection filtering. In order to fully understand how anti-spam and connection filtering work, it is necessary to understand realtime blacklists. Connection filtering compares each message against the configured realtime blacklists to see if the IP address of the connecting server is listed. If the result is positive, the message is either deleted or an X-Header is inserted into the message.
You can separate realtime blacklists into two categories: Standard Realtime Blacklists and Trusted Realtime Blacklists.
A Trusted Realtime Blacklist is one that you know is updated frequently, and is more likely to be accurate. You may also identify a blacklist as trusted because you find that for your uses it produces the least number of false positives.
Warning: If a message makes a match on the Trusted Blacklist, it is automatically deleted.
A Standard Realtime Blacklist is a blacklist of which you are uncertain about its accuracy. If a message matches one of these lists, an X-Header is inserted into the message, indicating which blacklist it matched.
Realtime blacklists are configurable for the entire server, which enables a system administrator to decide which realtime blacklists are available to each domain. Each domain administrator is then responsible for enabling the configured blacklist for the domain. A domain cannot use a blacklist that is not configured and enabled for the server.
Related Topics
Server Level Anti-spam Options (Blacklists)