IBM AH0QXML User Guide - Page 44

Controlling connections from spammers, 4.2.1 DNS Blacklist filters

Get IBM AH0QXML - Lotus Domino Messaging PDF manuals and user guides View all IBM AH0QXML manuals
Add to My Manuals
Save this manual to your list of manuals

Page 44 highlights

4.2 Controlling connections from spammers This section discusses which actions can be taken to control connections from spammers. The earlier you are able to stop spam messages from entering your environment, the more benefits you will gain. The features described in this section aim to stop spam at the Listener task. If you are able to stop spam there, you often avoid the whole message ever being transmitted over the networks, which will save network bandwidth and storage. Some of the anti-spam controls described here consume server system resources; therefore, they may have performance impacts. If spam is a major problem for your organization, the benefits of implementing controls here will outweigh the performance costs. Note: For the features described in this section to work effectively, your Domino SMTP server has to be designated as a direct mail exchange server (MX server) on the Internet. If you relay messages from an internal SMTP server to your Domino server, the inbound connection will always be from the same internal server and the connection checking will always pass. In order for Inbound Connection controls or DNS Blacklist filters to work, the inbound connection to your SMTP server must be from an external sending IP address. 4.2.1 DNS Blacklist filters DNS Blacklist (DNSBL) filters support allows you to configure the Domino 6 server to query an external DNS Blacklist site to be sure that the mail you are receiving is from a reputable source. What is a DNSBL? Well, simply put, it is a list or database containing host names and IP addresses of known spamming sites or hosts that are susceptible to being used by a spammer. Hosts that allow relaying, also known as "Open Relays," do not have any security imposed on their systems, allowing any user to send mail from their systems. These open relays leave their systems open and could be used by a spammer to flood the Internet with junk mail. Host names and IP addresses found in DNSBL databases are those of hosts that have failed to pass certain relay checking requirements, and therefore pose a high probability that they will be used by a spammer. The sites that maintain DNSBL databases conduct tests against hosts that are believed to be open relays. When a host is found to be open, their hostname and IP address is added to the list until the system passes these relay checks. Often a host is placed on this list for being an open relay, without the host knowing that they were left open. If this happens, the owner of the host can work with the DNSBL site to verify that all open relay capabilities have been closed down. 32 Lotus Domino 6 spam Survival Guide for IBM eServer

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
32
Lotus Domino 6 spam Survival Guide for IBM eServer
4.2
Controlling connections from spammers
This section discusses which actions can be taken to control connections from
spammers. The earlier you are able to stop spam messages from entering your
environment, the more benefits you will gain. The features described in this
section aim to stop spam at the Listener task. If you are able to stop spam there,
you often avoid the whole message ever being transmitted over the networks,
which will save network bandwidth and storage. Some of the anti-spam controls
described here consume server system resources; therefore, they may have
performance impacts. If spam is a major problem for your organization, the
benefits of implementing controls here will outweigh the performance costs.
4.2.1
DNS Blacklist filters
DNS Blacklist (DNSBL) filters support allows you to configure the Domino 6
server to query an external DNS Blacklist site to be sure that the mail you are
receiving is from a reputable source.
What is a DNSBL? Well, simply put, it is a list or database containing host names
and IP addresses of known spamming sites or hosts that are susceptible to being
used by a spammer. Hosts that allow relaying, also known as
Open Relays,
do
not have any security imposed on their systems, allowing any user to send mail
from their systems. These open relays leave their systems open and could be
used by a spammer to flood the Internet with junk mail. Host names and IP
addresses found in DNSBL databases are those of hosts that have failed to pass
certain relay checking requirements, and therefore pose a high probability that
they will be used by a spammer.
The sites that maintain DNSBL databases conduct tests against hosts that are
believed to be open relays. When a host is found to be open, their hostname and
IP address is added to the list until the system passes these relay checks. Often
a host is placed on this list for being an open relay, without the host knowing that
they were left open. If this happens, the owner of the host can work with the
DNSBL site to verify that all open relay capabilities have been closed down.
Note:
For the features described in this section to work effectively, your
Domino SMTP server has to be designated as a direct mail exchange server
(MX server) on the Internet. If you relay messages from an internal SMTP
server to your Domino server, the inbound connection will always be from the
same internal server and the connection checking will always pass. In order
for Inbound Connection controls or DNS Blacklist filters to work, the inbound
connection to your SMTP server must be from an external sending IP address.