Page 70 - Mercury Manual.book
P. 70
65 The MercuryS SMTP Server Module
Spam control via Realtime Blacklists (RBLs)
Finding services you can use Originally, two services existed providing blacklist services -
the RBL, and ORBS. Each took a very different approach to dealing with the problem of han-
dling unwanted mail: the RBL blacklisted sites known to have been involved in mail abuse,
while the ORBS system punished any sites with what are technically known as Open Relays
(this means a mail server that would accept mail for non-local addresses and forward it on-
wards). The RBL's approach attempted to identify real abusers, while ORBS attempted to
identify systems that might be used for abuse, whether or not they actually had any history of
it. Both systems had their share of critics, but ORBS in particular was excessively ad-hoc and
was eventually shut down by a lawsuit. These days, there are many, many systems on the In-
ternet providing a variety of blacklist services, some on a subscription basis, others free. Be-
cause the list of these services is fluid, there is little point listing them in this manual, but the
original RBL appears to be in for the long haul (although it is on a paid subscription basis
these days), so it's a good place to start looking: you can find information on the MAPS RBL
by visiting http://www.mail-abuse.org.
The Coalition Against Unwanted Commercial E-mail (CAUCE) is the premier anti-spam lob-
by group, and its web site, http://www.cauce.org, is an essential reference for anyone inter-
ested in fighting spam. Its Other resources link usually lists several spam blacklist servers or
organizations you can contact.
Creating a blacklist definition
To create a spam blacklist definition, you need to know a certain amount of information about
the service itself; you will typically find this information on the service's web site, or in the
subscription package you get if the service is one for which you pay.
Name for this definition The name Mercury should display in the Spam Control dialog for
this entry. Mercury also uses this name to construct X-BLOCKED headers by default when tag-
ging mail messages that are blacklisted. The name you enter can be up to 50 characters in
length, and should not contain special or international characters.
Hostname used to form query To query a blacklist, Mercury appends the name it wishes to
query to a static domain name which is supplied by the service itself. You should enter the
static domain name part of the query in this field. As an example, at the time of writing, the
hostname for the MAPS RBL blacklist database is blackholes.mail-abuse.org: other
services will use different hostnames.
Type of query service Mercury supports two types of service - blacklists and whitelists. A
blacklist lists abusers or sites that should be be regarded as hostile or pernicious, while a
whitelist lists sites or machines that should be regarded as acceptable under any circumstanc-
es. Mercury scans the list of definitions you create in order, trying each. As soon as a defini-
tion "triggers", Mercury uses it; if the definition is a blacklist, the action associated with the
definition is applied to the message. If the definition is a whitelist, Mercury takes no further
action against the message. At the time of writing, there are no whitelist services publicly
available on the Internet, but there is no reason for them not to exist in future.
Query structure Depending on the service, Mercury can query either based on the IP address
of the SMTP client connecting to it, or on the domain part of the e-mail address of the person
sending the message. If the service you are defining checks IP addresses, select Address-
based in this dialog. If, however, the service checks domain name portions of e-mail address-
es, select Domain based in this dialog. You must select the proper type of query for the serv-
ice - if you select the wrong type, then you will not necessarily see any errors later, but no
mail will ever be blocked by the service.
