Prevent inbound spam in Lotus Domino Mail Server part2
DNS blacklist filters overview
DNS blacklist filters are a new and powerful feature in Domino 6 and one of the more effective weapons against spam. With the DNS blacklist filters enabled, Domino will check inbound mail to see whether it originates from a mail server that is listed in one or more DNS blacklists (DNSBLs).
DNSBLs are databases that keep records of Internet SMTP mail hosts that are known sources of spam or permit open mail relaying. DNSBLs are maintained by many sources, both free and fee-based, and their effectiveness varies, so you may need to experiment with different DNSBLs to see how effective they are in your environment.
This section first gives some background on what DNS blacklists are before moving on to show you how DNS blacklist filters work and how to enable and monitor blacklist filters.
Selecting DNS blacklists to use
There are a number of free, publicly-available services along with numerous private paid subscription services that maintain DNS blacklists. Each blacklist service will use its own policies and methods for adding mail servers to its blacklist.
The more restrictive blacklist sites will add mail servers to their blacklist as soon as they fail an automated test, regardless of whether the server is verified as a source of spam. Other less restrictive sites will blacklist a mail server only if the server acts as a host to known spammers or if its system administrator fails to close the server to relaying after a specified period.
It is possible (and even likely) that any DNSBL might cause legitimate mail to be rejected. This is known as a false positive. It is best to assume that false positives will occur. Fighting spam is not an exact science and it’s inevitable that legitimate mail will be blacklisted at some point.
You should search the Internet to find sites that provide DNS blacklist services. A good place to start is the Lotus Developer Domain discussion forums (see Resources). In the discussion forums, you can get an idea of which services other Domino administrators have used and what their experiences have been with them.
When evaluating a DNSBL service you should review the services policies and methods for selecting mail servers to be blacklisted. Consider how restrictive the DNSBL’s policies are and compare them to your own organization’s views and tolerances to determine whether the service might be a good match. Consider what your user’s reactions might be to false positives and how many they might tolerate before determining the service is too restrictive.
Viewed 13932 times by 3433 viewers
