Page 71 - Mercury Manual.book
P. 71

The MercuryS SMTP Server Module    66
                                                                         Spam control via Realtime Blacklists (RBLs)



                                    Strictness level of response  Some blacklist servers can return a variety of different values,
                                    indicating either the reason for the blacklisting of the address, or in some cases, an indication
                                    of the severity of the "offense" that resulted in the blacklisting. Mercury supports three sep-
                                    arate ways of evaluating the response from the server. Before describing the methods Mercu-
                                    ry offers, a small digression is necessary to explain how these blacklist services work.

                                    Mercury creates a special domain name based on the address (either IP or domain) of the orig-
                                    inator of the message, then attempts to resolve that domain name using a standard name res-
                                    olution call. If the domain is unknown or cannot be resolved, then no listing is currently held
                                    for it. If, however, the attempt to resolve the name is successful, an IP address will be returned
                                    to Mercury, indicating that the address is blacklisted. The address returned to Mercury will
                 127.0.0.1 cannot be a val-  be of the form 127.0.0.x, where "x" is a value greater than 1. In almost all cases, only the
                 id return for a test be-  last byte of this address will vary depending on the type of blacklist in operation - so, some
                 cause it is the address
                 reserved for the local   servers may simply return 127.0.0.2 if they hold a blacklist entry for the address, while
                 loopback interface on   others may return anything from 127.0.0.2 to 127.0.0.10 or even higher to indicate the
                 every machine.
                                    type of listing held. With this digression in mind, here is how Mercury manages its three
                                    strictness modes:

                                    •  Normal   Mercury only regards the message as blacklisted if the remote name server
                                       returns the value 127.0.0.2. Any higher value returned by the server will not result in
                                       a blacklist response.

                                    •  Any   (Called "Draconian" in previous versions of Mercury) Mercury will regard the
                                       message as blacklisted if the name server returns any successful response at all. Use this
                                       option with care - it can potentially result in an unacceptably high level of otherwise
                                       legitimate mail being blocked depending on the blacklist service.

                                    •  Range   Allows you to specify a range of name server returns within which the address
                                       must fall before Mercury should regard the message as blacklisted. Checking this control
                                       will enable the Range Low and Range High edit fields: enter the lowest return Mercury
                                       should regard as a blacklist result as an IP address in the Range Low field, and the high-
                                       est address Mercury should regard as a blacklist result in the Range High field. The
                                       addresses are inclusive, so if you enter 127.0.0.3 in Range Low and 127.0.0.4 in
                                       Range High, a return of either 127.0.0.3 or 127.0.0.4 will result in Mercury regard-
                                       ing the message as blacklisted, but a return of 127.0.0.2 or 127.0.0.5 will not.

                                    Actions to take when a message is blacklisted
                                    When a service returns a value indicating that the message should be blacklisted, Mercury
                                    can perform any of three different actions:

                                    •  Reject the message  When this action is selected, Mercury will refuse to accept the mes-
                                       sage, and will return a brief one-line message to the remote SMTP client explaining why
                                       it has done so. It is very important that you make the rejection message clear - ideally, it
                                       should contain a reference to a web site that explains to the sender why their mail has
                                       been blocked and how to rectify the problem. Most blacklist services will have such a
                                       web page you can reference in your rejection text. The primary advantage of rejecting
                                       blacklisted mail is that no bandwidth is consumed in receiving it; the disadvantage is that
                                       there is no way for a sender blacklisted in error to contact you by e-mail, because his or
                                       her messages will always be rejected.

                                    •  Tag the message with a header  When this action is selected, Mercury will accept the
                                       message normally, but will add a header to it in transit. If you leave the Header field
                                       blank, Mercury will add the header X-Blocked: <definition_name> to the mes-
                                       sage, otherwise it will add whatever text you enter without modification. If you enter a
   66   67   68   69   70   71   72   73   74   75   76