Anti-Spam Update … DNSBL, SORBS, SpamHaus, etc.

Posted on by

Spam is a pain in the Inbox. I seem to see it in waves … as I continue to evolve my anti-spam weapons. I really don’t want to change my e-mail address, so I have to keep looking for ways to block spam from the source.

Years ago, I migrated my mail server to qmail and have been very happy with the results. One of the features of the qmail installer script that I used, was that it automatically set-up a number of nice features, including the support for DNSBL. Domain Name Service Block List (DNSBL) is a system that has evolved over the years to be a very robust way for mail servers to check if mail is being sent by a host on the Internet that either should not be sending e-mail, or that is a known source of spam. Your mail server is simply configured to “ping” a DNSBL provider every time a system connects to deliver mail. The “ping” uses the DNS protocol to look-up the IP address of the connecting host, and it will get a response that indicates if the system is “black listed”. If the system is black listed, your mail server will hang the connection for up to 60 seconds (just to hold up the spammer for a bit) and then drop the connection. There are now several entities that will provide this service for pay and for free … and many have come and gone over the years.
Drop in spam on my qmail server, due to Spamhaus!Over the last several years I have moved from provider to provide between the various “free” providers. Recently, one of the providers I had relied on – SORBS – had started to really degrade in their ability to block spam. I figured it was time to see what was going on, and I came across this great article about the accuracy of SORBS by Al Iverson. Al has some incredible anti-spam statistics about the various DNSBL providers … and I was stunned at the statistics about Spamhaus. I very quickly updated my mail server configuration, and at ~1:45am last Tuesday morning I flipped to using Spamhaus. The chart above shows what the results were … fabulous!

What happens when ordb.org domain goes away ...Of course, with each success there seems to be a curve ball. Yesterday, not even a week after my change, my mail server began to experience problems. Of course I immediately began to suspect my Spamhaus changes … and I was worried that I was about to give up all of the wins of the last several days! But what I found was a relief. Another one of the providers that I have been using – ordb.org – had announced they were going under last December … and I forgot to remove their servers from my configuration. Looking at the chart above, you can see the impact … for almost 24 hours my spam when down to zero! Well … that’s because ALL received mail went to ZERO! I was able to remove them from my configuration and get things back in order … and the backlog of e-mails began to roll in.

All in all, I have to say that I am really pleased with Spamhaus … it is an amazing organization that deserves a lot of attention … and donations! They are out there doing everything they can to provide a great anti-spam solution. I know for sure … I’m down to ~15 spam a day now … I was getting ~200 a day before making this change!

Leave a Reply