Spam Blocking-Use Black Lists to Block Spam

Introduction

This howto describes black listing for the AntiSpam Spam Blocker. The AntiSpam Spam Filter also uses black listing of a different type.

Use the Spam Blocker to stop incoming messages from black listed email servers. Several web sites maintain black lists. The lists contain the IP addresses of open relay email servers, plus servers known to host spamming. You might use more than one black list because each list has different criteria for adding and removing email servers. The black lists use an industry standard format for communicating with email servers. When enabled, this function matches the IP addresses of incoming email to the addresses in the black lists. If they match, the messages can be delivered, isolated or deleted. You can specify email servers to exempt from the Spam Blocking check.

Requirements

You need to know your policies for blocking sites by using black lists and for checking ”received” headers of messages from black listed sites. Processing “received” headers increases the time it takes to handle email.

How To

To enable spam blocking:

1. Use the Spam blocker command from the Security menu. This displays the Spam Blocker dialog.
2. Select the Spam Blocker Engine tab.
3. Check the Enable Spam Blocker engine check box.
   In many cases this is all you have to do. The Spam Blocker now checks each incoming message against the black lists.
4. Optionally configure each Spam Blocker option:
   • Flag messages from black listed sites but go ahead and accept them. Flagging adds a warning to each message saying it came from a black listed site. Flagged messages can be further processed through content filtering or passed directly to the destination mailbox.
   • Flagging adds a warning to each message saying it came from a black listed site. Flagged messages can be further processed through content filtering or passed directly to the destination mailbox.
   • Check ”Received” headers within SMTP collected messages. Known spam sites sometimes routes their messages through a ”non-spamming” server in an attempt to hide the source from spam blocking software. Enabling this feature checks the headers to a user-specified level, with ”0” checking all headers.
   • Check ”Received” headers within DomainPOP collected messages. By its nature DomainPOP email delivery masks the email source from spam blocking software. Enabling this feature checks the headers to a user-specified level, with ”0” checking all headers. This is a really good idea for sites using DomainPOP email.
   • Skip ”Received” headers within messages from exempted IPs. This applies only if you have setup exempted IPs.
   • Add black listed sites to the IP Screen (under ’All IPs’) This adds--but does not remove--black listed sites to the IP Screening if your server receives mail from the site. IP Screening prevents a site from connecting to your server. If a black listed site gets removed from a black list, your server will still block the site if you use this feature. You can manually remove the IP addresses blocked through the IP Screening dialog available through the Security Setting cascading menu.
   • Authenticated sessions are exempt from Spam Blocker lookups. When a session is authenticated through an ID and password, the Spam Blocker does not check it against the black lists.
   • Always exempt Trusted IPs from Spam Blocker lookups If a site passed the Trusted IPs test, the Spam Blocker does not check it against the black lists.
5. Use the OK command button to complete the process.

Contents