7.22. Using a DNS Block List on Exchange Server 2003
Problem
You wish to use a DNS-based block list (DNSBL) to help filter and reject incoming spam.
Solution
Using a graphical user interface
Open the Exchange System Manager (Exchange System Manager.msc).
Expand Global Settings, right-click Message Delivery, and select Properties. Click the Connection Filtering tab.
Click Add. Fill in the display name of the DNSBL you are configuring and put the lookup zone in the DNS Suffix of Provider field.
If you wish to use a custom error message, fill it in. The default is "<IPAddress> has been blocked by <DNSBL Display Name>."
If the DNSBL returns multiple result codes and you wish to configure which ones you will actually block on, click Return Status Code. Select the appropriate option (usually Match Filter Rule to Any of the Following Responses), fill in the corresponding mask or response codes, and click OK.
Click OK to return to the Connection Filtering tab.
If certain addresses must continue to receive email that this DNSBL would otherwise block, click Exception. Click Add and fill in the exempted addresses. Click OK to close the exemption box.
Click OK.
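The Return Status Code choice is easier to make once you see what a DNSBL lookup looks like. The following Python sketch is an added example, not code from this recipe or from Exchange: it builds the query name from the DNS suffix and decides whether an answer counts as a listing. The zone, addresses and function names are constructed, and the mask semantics (every bit of the mask must be set in the answer) and the 127.0.0.0/8 sanity check are assumptions of the sketch.

```python
import ipaddress

LISTING_RANGE = ipaddress.ip_network("127.0.0.0/8")  # DNSBL answers are loopback addresses


def dnsbl_query_name(client_ip, dns_suffix):
    """Reverse the connecting IPv4 address and append the provider's lookup zone."""
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return ".".join(reversed(octets)) + "." + dns_suffix.strip(".")


def is_blocked(answer, rule="any", mask=None, responses=()):
    """Decide whether a DNSBL answer should block the connection.

    answer    -- A record returned for the query name, or None if the name
                 did not resolve (the address is not listed)
    rule      -- "any", "mask" or "responses", mirroring the three kinds of
                 Return Status Code setting (hypothetical names)
    """
    if answer is None:
        return False
    addr = ipaddress.IPv4Address(answer)
    # Assumption of this sketch: an answer outside 127.0.0.0/8 is not a
    # listing (for example a retired zone that now resolves every name).
    if addr not in LISTING_RANGE:
        return False
    if rule == "any":
        return True
    if rule == "mask":
        m = int(ipaddress.IPv4Address(mask))
        # Assumed semantics: all bits of the mask must be present.
        return (int(addr) & m) == m
    if rule == "responses":
        return addr in {ipaddress.IPv4Address(r) for r in responses}
    raise ValueError("unknown rule: %r" % rule)


if __name__ == "__main__":
    # Constructed sample values; dnsbl.example.test is not a real block list.
    print(dnsbl_query_name("192.0.2.25", "dnsbl.example.test"))
    print(is_blocked("127.0.0.6", rule="mask", mask="0.0.0.4"))
    print(is_blocked("127.0.0.2", rule="mask", mask="0.0.0.3"))
    print(is_blocked("127.0.0.4", rule="responses",
                     responses=["127.0.0.2", "127.0.0.4"]))
```

A mask that combines two bits matches only answers carrying both, which is why listing the individual response codes is usually the better choice when any one of several listings should block.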
Discussion
DNSBL support is a new feature in Exchange Server 2003 that can have tremendous impact on reducing the amount of spam that enters your organization. There are literally hundreds of blocklists being run around the world; before using any of them, do some research to find out their purpose, listing criteria, delisting ...