How DNSBL Works

The acronym DNSBL stands for “Domain Name Services BlackList,” where the term BlackList refers to the desire to prohibit all spam.

When sendmail accepts a connection from another site, one of the first things it does is to get the IP address of that site. Once armed with that address, it can do a lookup of that address at a DNSBL site. To illustrate, we will use the mail-abuse.org site.[124] To see whether the connecting site is an open relay site, sendmail first reverses the IP address. For example, the address 123.45.67.89 becomes 89.67.45.123. Then sendmail prefixes the hostname relays.mail-abuse.org with that reversed IP address and looks up the result as though it is a hostname:

89.67.45.123.relays.mail-abuse.org

If that hostname is found, that means the site is listed with mail-abuse.org as an open relay site. If that hostname is not found, the site is a good one.

Prior to V8.12, the FEATURE(rbl) allowed you to use this DNSBL process. Beginning with V8.10, a new FEATURE(dnsbl) was added. As of V8.12, the FEATURE(rbl) was removed. The FEATURE(enhdnsbl) which is an extended version of FEATURE(dnsbl) became available. These features are summarized in Table 7-1 and explained in the following sections.

Table 7-1. DNSBL features

Feature

Description

rbl

Deprecated; see dnsbl

dnsbl

Reject mail from hosts in a DNS-based rejection list

enhdnsbl

An enhanced version of dnsbl

[124] * This is a commercial site to which your name server must subscribe to use. Visit http://www.mail-abuse.com/ ...

Get sendmail, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.