This help section describes the use of the DNS Blacklist Properties Dialog.
Use this dialog to edit a DNS blacklist definition. A definition consists of several properties which describe the blacklist service parameters and usage options for ORF. All properties are required unless otherwise noted.
A short name or abbreviation/acronym which identifies the blacklist. Typically written with capitalized letters. Must not contain spaces or special signs, only alphanumerical characters, underscore ("_") or hyphen ("-") are allowed. The short blacklist identifier cannot be changed after assigning it to a blacklist.
Full name of the blacklist, for example: Spamhaus ZEN.
Optional. Blacklist description. Describes the blacklist and contains a TXT record sample.
If multiple DNS results can be used with the blacklist, it should also contain the individual DNS results and their description.
A domain postfix used by ORF for accessing the DNS blacklist.
Examples: CBL has domain postfix cbl.abuseat.org, SPAMCOP has domain postfix bl.spamcop.net.
Some DNS blacklists can be accessed using DNS A, some others using DNS CNAME records. Select the appropriate DNS record type for the blacklist. Note that using CNAME records is not recommended when DNS A records are available.
Specifies whether to reverse the IP address before appending to the DNSBL domain postfix. Most DNS blacklist use reversed IP addresses.
For example, if you want to check 192.168.25.1 against Spamhaus ZEN, you would query 1.25.168.192.zen.spamhaus.org.
Set this checkbox if you want ORF to perform TXT lookups for the given blacklist. The TXT lookup data will be available in {TXTDATA} and {TXTDATAORWEBLOOKUP} fields in the SMTP response(s). Note that getting TXT data requires performing an additional DNS lookup.
Optional. Enter the URL which points to the DNS blacklist website, e.g., http://www.spamcop.net/. Note that although this field is optional, the {BLACKLISTWEB} field will be blank in the associated SMTP actions if you leave the field blank. Assigning an URL to this URL is recommended.
Optional. Enter a URL or URL format string which points to the DNS blacklist website IP lookup URL. Some blacklists have their own web page which allows checking whether an IP address is listed in their database.
This URL is returned to the remote server when the SMTP response contains the {WEBLOOKUP} or the {TXTDATAORWEBLOOKUP} format field (the default DNS blacklist SMTP response contains the {TXTDATAORWEBLOOKUP} field). This information helps the remote server administrator.
Example: you can check whether the IP 127.0.0.2 is listed in the Spamcop database if you visit the page http://www.spamcop.net/w3m?action=checkblock&ip=127.0.0.2. In this case, you should use a URL format string http://www.spamcop.net/w3m?action=checkblock&ip={IP}. You can use a fix URL (can be the same as Blacklist web site) or a formatted URL.
Format fields available: {IP} – IP address of the blocked host,{RIP} – reversed IP address of the blocked host.
An SMTP action consists of a DNS blacklist record data and the associated SMTP response which is used when an email is rejected Before Arrival. You can enable and disable the SMTP actions by setting and clearing their checkbox. Most DNS blacklists use a single record data only, 127.0.0.2 which indicates that the checked IP address is listed in the DNSBL.
Click the New button to add a new action. To modify an existing action, click Modify or hit Enter. Actions can be deleted using the Delete button or the Delete key.
More about SMTP responses is available in the SMTP Responses section.
Mark an SMTP action as dynamic if the DNS blacklist record data indicates dynamic IP addresses, such as dial-up/cable/DSL lines. ORF treats these actions specially to avoid rejection of legitimate emails. See the Header Analysis section for explanation.
Set this checkbox if you want ORF to blacklist the email regardless of the DNS record contents. Configure the SMTP response for this action by clicking the SMTP Response button.