Help | Site Map
| Text size: - +
(Answer) (Category) SpamCop FAQ : (Category) SpamCop Blocking List information : (Category) How do I configure my mailserver to reject mail based on the blocklist? :
iPlanet Messageing 5.0+ (AKA Netscape Messaging)

To turn on blanketed RLB checking with iPlanet Messaging 5.0+, modify the dispatcher.cnf file, adding a DNS_VERIFY_DOMAIN option.

Note there are other ways to do this with iPlanet Messaging, but this is the quickest and easiest. The disadvantage of this simpler approach is that it does the checks for all normal incoming SMTP messages including those from internal users. An alternative is to call out to dns_verify from a PORT_ACCESS mapping table or ORIG_MAIL_ACCESS mapping table. (See the iPlanet Messaging Reference Manual for additional details).

Here is an example of the iPlanet Messaging dispatcher.cnf file which is located in /msg-/imta/conf/dispatcher.cnf

! turn on RBL checking (uncomment the ones you want to check. Note there is
! a limit of 3 sources)
! (same as ENABLE_RBL=1)

If you wish the MTA to log such rejections, the 24th bit of the Dispatcher debugging DEBUG option can be set (DEBUG=16%1000000) to cause logging of the rejections to the dispatcher.log file. Log entries take the following form:

access_control: host a.b.c.d found on DNS list and rejected

Unless otherwise specified, the default dispatcher.log* file would be located in /msg-/log/imta/dispatcher.log*

A sample of what is contained when a perp is identified looks like this:

10:42:54.08 ( 4): access_control: host
(25.364) found on DNS list
(25.364) and rejected (500 5.7.1 Open relay input. See
(25.364) 10:42:54.08 ( 4): app_listen(SMTP/25): conn REJECTED from
(25.364), descr=19
(25.364) 10:43:24.37 ( 4): access_control: host
(25.365) found on DNS list
(25.365) and rejected (500 5.7.1 Blocked - see
(25.365) 10:43:24.37 ( 4): app_listen(SMTP/25): conn REJECTED from
(25.365), descr=18

Before the connection is closed with the perp, they see the following:

500 5.7.1 access_control: host found on DNS list and rejected

To make your changes to the dispatcher.cnf take effect, do an imsimta restart with the following command:

# /msg-/imsimta restart

Now check your dispatcher.log* file for rejected connections if you turned on logging. That's it!

Another user has provided his setup file which uses various blocking lists, including MAPS RBL+. This can be viewed at Chad's personal mappings file
[Append to This Answer]