Finding the right RDNS blacklist from SANS

Anyone reading this post who also runs a mail server should immediately know what I am talking about: reverse DNS blacklists that mail servers use to stop spam. What are these lists? They are lists of known bad senders (open relays, spambots, spamfriendlies, whatever) that are maintained and set up to act like a DNS server. When you configure your mail server (and some clients too! Mailwasher, anyone?), you can tell it to check all incoming mail senders against the blacklist, and then what to do if they are on it: bounce, delete, tag, etc. Basically, it works by doing a reverse DNS lookup against the blacklist server; if the address in question is found (i.e. it resolves), then it's a match and the mail is dealt with. These are very handy for helping slow the flow of spam. Here is an article from SANS about how to pick a good one, and some things to look out for. This is a good read from a good place, check it out.
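The lookup described above, as an added example that is not part of the original post or the SANS article: the sender's address is reversed, prepended to the list's zone, and queried as an A record, with an answer in 127.0.0.0/8 meaning "listed". The zone `dnsbl.example` and the sample resolver data are constructed placeholders, and the example goes slightly beyond the text by handling IPv6 senders and by refusing to treat answers outside 127.0.0.0/8 as listings.

```python
import ipaddress
import socket

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_query_name(ip, zone):
    """Build the name that is looked up in the list's zone for a sender address."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]                  # 192.0.2.99 -> 99.2.0.192
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]  # IPv6: reversed hex nibbles
    return ".".join(labels) + "." + zone.strip(".")

def system_resolver(name):
    """A-record lookup via the OS resolver. Any lookup failure returns [],
    so a dead or unreachable list fails open instead of blocking mail."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
        return sorted({info[4][0] for info in infos})
    except socket.gaierror:
        return []

def check_sender(ip, zone, resolver=system_resolver):
    """Return (verdict, answers); verdict is 'listed', 'not_listed' or 'suspect_answer'."""
    answers = resolver(dnsbl_query_name(ip, zone))
    if not answers:
        return "not_listed", []
    # Listings are signalled with 127.0.0.0/8 answers. Any other address means the
    # zone is parked, wildcarded or intercepted, so it must not count as a listing.
    if all(ipaddress.ip_address(a) in LISTED_NET for a in answers):
        return "listed", answers
    return "suspect_answer", answers

# Constructed sample data standing in for a real list (hypothetical zone name).
SAMPLE_ZONE = {
    "99.2.0.192.dnsbl.example": ["127.0.0.2"],       # listed sender
    "10.113.0.203.dnsbl.example": ["198.51.100.7"],  # zone answering with a non-listing address
}

def sample_resolver(name):
    return SAMPLE_ZONE.get(name, [])

if __name__ == "__main__":
    for sender in ("192.0.2.99", "192.0.2.1", "203.0.113.10"):
        print(sender, check_sender(sender, "dnsbl.example", sample_resolver))
```

Mapping the verdict to an action (bounce, delete, tag) stays in the mail server's policy; a `suspect_answer` result is a reason to stop using that list rather than to reject the message.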
