http://www.UCEAS.net AntiSpam Resources AntiSpam Defenses AntiSpam.Collector.pl AntiSpam.Analyzer.pl AntiSpam Database Mailing Lists/FAQs RBL-Server-HOWTO Spam Statistics Daily Weekly Monthly Quarterly Mail Server Hardening Mail Server Hardening AntiSpam AntiVirus 1U Rackmount Chassis Custom-Chassis.com Linux-1U.net 1U-ITX.net ITX-Blades.net Small PC cases Mini-Box.net Wrap-Box.net Wrap-OS.net Wan-Sim.net Linux-Consulting.com Linux-CAE.net Linux-Sec.net Linux-Boot.net Linux-Backup.net Linux-Wireless.org Linux-Office.net Linux-Video.net Linux-Jobs.net Linux-Diff.net 1U-Raid5.net Spam Reporting Free Linux CDs ISO9660.org Distro-CD.org Patch-CD.org Linux is a registered trademark of Linus Torvalds More Linux Legalese

UCEAS.net Unsolicited Commercial Email Analysis System Anti-Spam Tools Mailing Lists just starting, low volume RBL-Server-HOWTO Create your own local RBL Server To lessen the burden of external dns lookups Add additional spammers to your local rbl not yet in the general public An RBL server is one of many ways to minize our costs to handle their spam Our Rights We ( people and corporations ) have the right to refuse incoming emails from whomever we wish to decline to interact with the unwanted spammers WhiteLists Whitelists works great for personal email, since you know who your freinds are Whitelists will NOT work for business because you do NOT know which stranger will come knocking with a big order MTA w/ RBL Checking Enabled for each incoming email, your MTA will create a reverse ip# of the suspect spammer ( ip# w.x.y.z ) your MTA will look for an A record for z.y.x.w.rbl.rbl-db-lookup-site.com if w.x.y.z is a spammer, the RBL server returns 127.0.0.2, returns null otherwise your MTA can be configured to drop the mail or bounce it back to fill the spammers mailbox RBL-Server HOWTO Install an rbl-capable DNS Server Add 127.0.0.2 ( a Test Spammer ) for testing the RBL server is working Define your RBL Error Codes For each reported spam Save a copy of the reported spam in its entirty (automatically) create a zone file for each spammer's ip# Create a cgi-script to allow them to check if they're listed in your DB Create a cgi-script to allow bl'd spammers to get out of your RBL w/ your review and approval Allow your corp MTAs to check your customized corporate RBL server for spammers RBL Mailing Lists SourceForge.net rblcheck Existing RBLs Linux-Sec.net/Mail/RBL List of existing RBLs RBL Capable DNS Server IP based DNS blocking ( ordb.org, dsbl.org, .. ) -- or -- Name based DNS blocking ( rfc-ignorant.org ) and how about spammer@Yahoo.com ?? cr.yp.to ucspi-tcp cr.yp.to/ucspi-tcp rblsmtpd cr.yp.to rblsmtpd-*.tar.gz -- OBSOLETED -- use ucspi-tcp instead generic tool to block mail from RBL-listed sites rblsmtpd-0.70.tar.gz last release ornl.gov qmail + rblsmptd Ladro.com rblsmtpd cr.yp.to rbldns - IP-address-listing cr.yp.to walldns cr.yp.to tinydns djbdnsrocks.org djbdns installation guide jms1.net rbldns patch for TXT support Notabug.com MAPS DUL file Dustman.net djbdns OregonState.edu Corpit.ru rbldnsd Corpit.ru rbldnsd - Example zone file Corpit.ru rbldnsd*.tar.gz SuRBL.org RBL mirror Howto RBL 127.0.0.x Error Codes Mail-Abuse.org rbl+ Mail-Abuse.org Usage Declude.com How ip4r (DNSBL-style) DNS lookups work DNSRBL.com Various RBLs returns different 127.0.x.y return code Testing the RBL Server All RBL Servers should have 127.0.0.2 listed as a spammer for testing purposes nslookup type=A 2.0.0.127.bl.spamcop.net ping 2.0.0.127.bl.spamcop.net dig 2.0.0.127.bl.spamcop.net ( default is type=A records ) dig 1.1.168.192.bogons.cymru.com dig +short 1.1.168.192.bogons.cymru.com dnsip 2.0.0.127.bl.spamcop.net it should return 127.0.0.2 if its an ip# of a suspect spammer, in this case, it is Most RBLs should return 127.0.0.2 ( yes its a spammer ) for 2.0.0.127.rbl.Favorite-RBL-DB.com if it fails, the server could be miconfigured if it fails, the 127.0.0.2 test entry is missing RBL Server Examples UCEAS.org/RBL.Server/Scripts

Copyright © 2000	Linux-Consulting	All Rights Reserved.	Updated: Sun Nov 21 23:42:59 2004 PDT