Spam blocking

Now that you know how awful the problem is, what can you do to deal with the flood of incoming spam?

Local blocking lists

The original method of blocking spam was to use facillties like TCP wrappers (which can be optionally linked into Sendmail) or even router filters to refuse to accept mail from certain domains or IP address ranges. Later Sendmail added FEATURE(access_db) which provides more fine-grained control, such as the ability to reject mail based not just on the origin of the connection, but on the address given at MAIL From: time. This worked pretty well until spammers began to use open relays and proxies.

DNS blacklists

DNS blacklists started as a way to provide a centrally-maintained method for blocking IP address ranges associated with spammers, and have since grown to address the problem of huge numbers of open SMTP relays and spam proxies. DNS blacklists contain huge lists of IP addresses which can be queried by DNS lookups, making them efficient and easy to integrate into MTA software. If your MTA uses the (fake, example) blacklist bl.die-spammers-die.org, then when it receives a connection from IP address 10.1.2.3, it performs a lookup of the DNS name 3.2.1.10.bl.die-spammers-die.org. If they believe a spammer resides there, the lookup returns an IP address like 127.0.0.2; if not, the lookup returns a "no such domain" result. MTA software can then refuse to accept mail if the DNS lookup is successful (sometimes the specific IP pseudo-address returned encodes some information that the MTA can use for finer decision-making).

Because DNS blacklists tend to be maintained by third parties, using a blacklist means that you give up a certain level of local control (although it's usually possible to override a problematic block locally). Before using a DNSBL, it's important to do your research on its policies and reputation to decide whether it will block the mail you want blocked, and not block the mail you don't want blocked.

Next ->


Steve VanDevender
Last modified: Thu Jul 16 11:48:49 PDT 2009