Overview
The GFI MailEssentials IP DNS Blocklist filter verifies that the IP address of the sending mail server is not known to send spam emails. The DNS Blacklist module (DNSBL) makes use of DNS to check the IP address of the sending mail server with third-party DNSBLs (like zen.spamhaus.org).
GFI MailEssentials maintains a cache with the results of queries to the IP DNS Blocklist to avoid querying the IP DNS Blocklists multiple times for the same IP address, resulting in faster responses for the items that are found in the cache. Items remain in the cache for 4 days and are cleared each time the AS Scan Engine service is restarted.
Prerequisites
Before proceeding with the described solution steps, ensure that you are logged on to GFI MailEssentials administration console using an account with administrative privileges.
Prior to configuring the IP DNS Blocklist filter, you need to ensure that the DNS server and the Perimeter server(s) are configured correctly.
DNS Server
Ensure the DNS server is properly set up by following the steps given here: Configuring DNS Server Settings. All the queries done by the IP DNS Blocklist filter are done using DNS. By default, GFI MailEssentials will perform the DNS queries against the DNS server configured on the local machine. You may also select to perform such DNS queries using an alternate DNS server.
Perimeter Servers
GFI MailEssentials needs to correctly identify the server(s) receiving Emails directly from the internet. It is therefore important to configure the Perimeter servers in GFI MailEssentials correctly otherwise, there is a possibility that spam messages could pass through.
For more information on how to specify perimeter servers, please see Perimeter SMTP Server Settings.
Solution
This filter is enabled by default on installing GFI MailEssentials.
Important notes
- The DNS server must be properly configured for this feature to work. If this is not the case, time outs will occur and email traffic will be slowed down.
- Querying an IP DNS Blocklist can be slow (depending on your connection), so Emails can be slowed down a little bit.
- Ensure that all perimeter SMTP servers are configured in the Perimeter SMTP servers dialog so that GFI MailEssentials can check the IP address that is connecting to the perimeter servers.
Steps to Configure IP DNS Blocklist
- Go to Anti-Spam > Anti-Spam Filters > IP DNS Blocklist.
- Configure the following options:
Option | Description |
Check whether the sending mail server is on one of the following IP DNS Blocklists: | Select to enable the IP DNS Blocklist filter. |
Add IP DNS Blocklist |
bl.spamcop.net and dul.dnsbl.sorbs.net should be enabled by default. If required, add more IP DNS Blocklists to the ones already listed. Key in the IP DNS Blocklist domain and click Add IP DNS Blocklist. The best practice recommendation is to also add the following DNSBLs zen.spamhaus.org, truncate.gbudb.net and b.barracudacentral.org. |
Enable Selected | Select an IP DNS Blocklist and click Enable Selected to enable it. |
Disable Selected | Select an IP DNS Blocklist and click Disable Selected to disable it. |
Remove Selected | Select an IP DNS Blocklist and click Remove Selected to remove it. |
- Click the Actions tab to select the actions to perform on messages identified as spam by this filter. For more information refer to Configuring MailEssentials Spam Actions
- Click Apply.
Note: To enable IP DNS Blocklist at SMTP Transmission Filtering level, select Anti-Spam > Filter Priority > SMTP Transmission Filtering tab and click Switch next to IP DNS Blocklist to enable/disable filtering at SMTP level or on receipt of full email.