How Lotus Domino DNS blacklist filters work
When Lotus Domino DNS blacklist filters are enabled on a Domino server, every incoming SMTP mail connection is checked against one or more DNSBLs. Domino performs a DNS query against the blacklists at the DNSBL sites specified. If a connecting SMTP mail host is found on the blacklist, Domino can do any of the following:
* Log the message
* Log and tag the message
* Log and reject the message
Choosing and using filter actions
Below are some of the actions that Domino can take if a connecting SMTP mail host is found on a DNS blacklist.
Log the message
When logging the message, Domino reports the event to the server console and records it in an entry to the Mail Routing Events view of the server’s Log database. The messages provide the host name and IP address of the server and the name of the blacklist site where the server was listed.
Log and tag the message
When tagging messages, Domino adds a special field named $DNSBLSite to messages received from hosts found on a blacklist. The value of the $DNSBLSite field is the first blacklist site found listing the host.
You can use the $DNSBLSite field to provide custom handling of messages received from hosts listed in a blacklist. For example, you can check for the presence of the field through the use of simple formula language in an agent in the user’s mail files and provide conditional handling of messages, such as moving or copying the messages to a folder or another database. You can design views in user’s mail files that display messages with the $DNSBLSite field in them and sort and total messages by its value.
Log and reject the message
When a message is rejected, an e-mail is returned to the sender with a message that can be customized. For example, your message might read “Your host 127.0.0.2 was found in the DNS Blacklist at blackholes.mail-abuse.org”. Once a message is rejected it cannot be retrieved and the recipient will never be aware that the message was ever sent, so this action is potentially dangerous if a blacklist you are using lists legitimate mail servers.
It is strongly recommended that you use a Custom SMTP error response for rejected messages. In the event that a legitimate e-mail is rejected, you want the sender to have as much information about why as possible.
Viewed 10399 times by 3152 viewers
