Streamyx

DNS block lists can be a nice way to reduce the amount of email spam
received by a mail server. They are usually cheap, easy to install and
resource-friendly. As the name implies they work with the help of domain
name servers. If a mail server uses DNS block lists it queries a name server
for the address of a name built from the hostname or IP address of the sending
mail server and the name of the block list. Depending on the result of the
query the mail message gets accepted or rejected.

Probably the first DNS block list was the Realtime Blackhole List (RBL)
started by MAPS (Mail Abuse Prevention System). It is now a service you have
to pay for but the majority of DNS block lists is still available for free.

It is easy to include DNS block lists in the configuration of the most common
mail servers (sendmail, postfix, exim, ...). The block lists are integrated on
the server side and you save bandwidth because you don't need to receive the
spam mails. The connections are rejected in the SMTP dialog between the
sending and the receiving mail server. DNS block lists use a very low amount
of resources from your mail server compared to spam or virus filters that have
to analyse the contents of your mail messages.

Of course there are disadvantages also. Probably the most important
disadvantage is that you are outsourcing the decision whether you accept or
reject mails from a certain source. If the sending mail server is listed in
one of the blocklists you are using you will reject every mail from this server.
Usually you will not know the administrator of the blocklist but you have to
trust him that he adheres to the policy of the blocklist. Even if the admin is
trustworthy sometimes there will be mail servers listed that should not be on the
blocklist. Imagine an ISP who has a lot of good customers but one customer who
is a spammer. If the spammer sends out spam over the mail server of the ISP,
the mail server may get listed on a blocklist. It will need some time until the
ISP solves the problem with his bad customer and gets his mail server off the
blocklist. In the meantime you will not receive mail from the good customers
of this ISP. Another problem is that DNS blocklists don't live forever. If a
blocklist is abandoned and your mail server still tries to query it, you may
block mails that you wanted to receive.

So how useful are DNS block lists after evaluating the pros and cons?
They can be very useful to lower the overall CPU usage of your anti spam
strategy. It is advisable to use a small number of carefully chosen
blocklists. If you are using a block list, subscribe to the mailing list or
newsletter of the organisation who runs the block list. That way you will take
note of any problems that the block list may have and you will be informed if
it gets shut down. DNS blocklists should never be your only strategy against
spam. They should be combined with other mechanisms to help keeping spam out
of your inbox.

Andreas Stiasny runs a small ISP business and has been configuring mail and web servers for more than a decade. For more information about DNS block lists and other anti spam strategies visit http://reduce-spam.com/dns-block-lists.php where you can find information about server side as well as client side tools which help to reduce the amount of spam mails.