DNS

A DNSBL (DNS blackhole list) is a DNS server that lists only the IP addresses of known spammers.

If you query an address against a DNSBL server and get a positive result, the address is most likely that of a known spammer.

This can be used as an antispam technique.

Figure. Security management: DNS tab.

IP Reputation section

Field

Description

Use IP Reputation

Check this box to enable the IP Reputation feature, which blocks or allows messages based on the sender's IP address.

'B' button

Use this button to open and edit the IP Reputation bypass file - iprepbypass.dat.

See the example in the bypass file for the correct syntax.

General section

Field

Description

Use DNSBL

Check this option to use DNSBL checking.

Use the B button to specify a list of IP addresses, domains and email addresses for which the DNSBL check will not be performed (effectively a list of trusted addresses).

Close connections for DNSBL sessions

Check this option to immediately close all connections from IP addresses that are listed on the blacklist.

Host

Here you must define the list of DNSBL servers you wish to query.

Use the Add and Delete buttons to add servers to the list and remove them from it.

Note: You can use as many DNSBLs as you wish, but be aware that each query adds some processing time.

'B' button

Use this button to open and edit the DNS blackhole list bypass file - rblbypass.dat.

See the example in the bypass file for the correct syntax.
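How the DNSBL check configured in this section works at the DNS level, as an added example that is not the product's own code: the sender's IP address is reversed, prepended to each configured DNSBL host and looked up as an A record, and an answer in 127.0.0.0/8 means the address is listed. The zone name dnsbl.example, the sample answers and the CIDR-only bypass list are constructed for illustration and do not reflect the rblbypass.dat syntax; the IPv6 handling goes beyond what this page covers.

```python
import ipaddress
import socket

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")  # DNSBL "listed" answers live here

def dnsbl_query_name(ip, zone):
    """Reverse the address labels and append the DNSBL zone."""
    # reverse_pointer gives '10.2.0.192.in-addr.arpa' (or the IPv6 nibble form);
    # drop the two-label arpa suffix and keep only the reversed part.
    reversed_labels = ipaddress.ip_address(ip).reverse_pointer.rsplit(".", 2)[0]
    return f"{reversed_labels}.{zone.strip('.')}"

def system_resolver(name):
    """A-record lookup through the OS resolver; [] on NXDOMAIN or failure."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror:
        return []  # fails open here: a DNS outage does not reject all mail
    return sorted({info[4][0] for info in infos})

def check_sender(ip, zones, bypass=(), resolver=system_resolver):
    """Return (listed, {zone: answers}) for a connecting IP address."""
    addr = ipaddress.ip_address(ip)
    # Hypothetical bypass format: plain CIDR networks (not rblbypass.dat syntax).
    if any(addr in ipaddress.ip_network(net, strict=False) for net in bypass):
        return False, {}
    hits = {}
    for zone in zones:  # one query per configured host, hence the added latency
        answers = [a for a in resolver(dnsbl_query_name(ip, zone))
                   if ipaddress.ip_address(a) in LISTED_NET]
        # Answers outside 127.0.0.0/8 are ignored: a resolver that rewrites
        # NXDOMAIN to a landing page would otherwise "list" every sender.
        if answers:
            hits[zone] = answers
    return bool(hits), hits

# Constructed sample data standing in for a DNSBL zone (dnsbl.example is made up).
SAMPLE_ZONE_DATA = {
    "10.2.0.192.dnsbl.example": ["127.0.0.2"],       # listed sender
    "7.100.51.198.dnsbl.example": ["203.0.113.80"],  # rewritten NXDOMAIN
}

def stub_resolver(name):
    return SAMPLE_ZONE_DATA.get(name, [])

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.7", "2001:db8::1"):
        print(ip, check_sender(ip, ["dnsbl.example"], resolver=stub_resolver))
```

Pass `resolver=system_resolver` (the default) and a real DNSBL host to query live; the stub keeps the example runnable offline.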

DNS section

Field

Description

Reject if originator's IP has no rDNS

Check this option to enable rDNS (reverse DNS) checking.

Any connection from a server that does not have an rDNS record (PTR record) will be rejected.

Reject if originator's domain does not exist

Check this option to verify that a DNS A record exists for the domain of an incoming message's sender.

If the sender's domain has no A record, the message is rejected.

'B' button

Use this button to open and edit the IP has no rDNS bypass file - rdnsbypass.dat.

See the example in the bypass file for the correct syntax.

'B' button

Use this button to open and edit the "domain does not exist" bypass file - mxbypass.dat.

See the example in the bypass file for the correct syntax.

SPF (Sender Policy Framework) section

Field

Description

Enable SRS (Sender Rewriting Scheme)

Activates SRS, which fixes the SPF problem with forwarded mail by forcing the agent to change the "mail from" address.

Note: SRS always builds the MAIL FROM address so that it refers to the primary domain. You may have a reason not to show your primary domain but still want to use this feature.

The solution is to enable SRS and also enable the Use domain IP address for outgoing connection feature (Domains and Accounts > Global Settings > Domains > Other), or set the C_Accounts_Global_Domains_IPAddress API variable to 1.

Use SRS NDR (Non-Delivery Report) Validation

Activate this feature if you want the server to validate whether incoming NDRs (bounce-backs) contain the correct SRS hash (see SRS secret key). If they do not, these NDRs are not delivered into users' mailboxes.

SRS secret key

The secret key is an arbitrary string that you make up - it is your own pass phrase. The secret key is used for ciphering the data (for hash creation). This field must not be left blank.

'B' button

Use this button to open and edit the SRS bypass file - srsbypass.dat.

See the example in the bypass file for the correct syntax.