Monday, January 07, 2013

Use DNSBL with Sendmail

It is imperative that we implement some kind of anti-spam controls in
the mail server that receives internet email traffic. One of the
controls is to check the connecting smtp server's ip address against a
blacklist of known spammers, zombie pc, open relays, ip addresses range
that should not send out email (eg the subscriber ip address ranges of
ISP) etc. What is more, many of these blacklists are free to use.

In this example, we use the blacklists provided by and

In the /etc/mail/, we add below two lines:

FEATURE(`dnsbl',`',`"Rejected due to Spamhaus listing
see" $&{clientaddr} " for more
FEATURE(`dnsbl',`',`"Rejected due to cbl listing see" $&{clientaddr} " for more

Note the use of backquote here (` vs '). The third parameter provides
the customized message that should be returned to the sending mail
server in case it hits the blacklist. Multiple dnsbl can be used
together to enhance the anti spam strength.

To make the changes effective:

m4 >
service sendmail restart

To verify whether the anti spam checking is in use, we can look for
something like 'Rejected due to Spamhaus' in the /var/log/maillog.

No comments:

Post a Comment