Implementing real time block lists for spam control

The Spamhaus Project
A couple of months back, I wrote a post about controlling spam using the Microsoft Exchange Intelligent Message Filter. Whilst it has to be said that the IMF has been effective in reducing my spam volumes (with very low false positives – strangely enough my blog posts are the ones it has most trouble with) it’s still not catching all of the unsolicited commercial e-mail (UCE) that I receive, so this week I resorted to another spam control – real time DNS block lists.

Various lists exist with details of known spam relays and the one I’m using is from the Spamhaus project. Actually I’m using two of their lists – the Spamhaus block list (SBL) and the Spamhaus exploits block list (XBL), both of which are free for non-commercial use – I may add other services later.

Setting up the block lists within Microsoft Exchange Server was reasonably straightforward, following advice from Daniel Petri (further information can be found in Microsoft knowledge base article 823866). I then tested the service as recommended at Crynwr Software’s spam blocking resources page. After initial problems testing the service as my mail was being routed via my ISP’s relays (but I could see the conversation when I telnetted to Crynwr’s servers) I switched to DNS-based routing and received a satisfactory response to the e-mail tests – most importantly showing the following text in the SMTP conversation:

550 5.7.1 knownspamserveripaddress has been blocked by Spamhaus
Terminating conversation

So, that’s another tool in my anti-spam arsenal. The UCE levels appear to be tailing off now… hopefully I’m not dropping too much “real e-mail”. One day I hope to be able to say (in the style of John C Dvorak) “I get no spam”.

E-mail protected by SBL advisory E-mail protected by SBL advisory

Leave a Reply