DNSBL checking

Submitted by Anonymous on Mon, 07/30/2012 - 00:14
Written by

I'm not sure about this one. I want to enable the DNSBL power ban checking and was looking at the Spamhaus website for using. I've added this in the DNSBL settings below for use.


But on read their FAQ section, they say use these 3 together.

We recommend you use sbl.spamhaus.org together with xbl.spamhaus.org and pbl.spamhaus.org, as the SBL and XBL/PBL block different spam sources. To save you having to query three separate DNSBL zones, there combined "zen.spamhaus.org" zone contains the complete SBL, XBL and PBL data. Your server can safely reject SMTP connections from any IP listed in Zen by simply setting your mail server's DNSBL check to query zen.spamhaus.org only. Read the XBL FAQ and PBL FAQ for further information if your application uses second-stage filtering such as URI checks or full header traversal.

We ask, but do not require, that all ISPs using our BL zones inform customers of the fact you run spam filters (simply because it is the correct thing to do). Use of known-to-be-effective spam blocklists is normally seen as a service advantage and strong sales point. All SBL, XBL and PBL users are welcome to use the "email protected by" SBL, XBL and PBL web badges on sites.

So do I add these 3 on each line.


Or should I be using this one on it's own (which they seem to say use)?


Just posting another link to read: http://www.spamhaus.org/zen/

ZEN is the combination of all Spamhaus IP-based DNSBLs into one single powerful and comprehensive blocklist to make querying faster and simpler. It contains the SBL, SBLCSS, XBL and PBL blocklists.

zen.spamhaus.org should be the only spamhaus.org DNSBL in your IP blocklist configuration. You should not use ZEN together with other Spamhaus IP blocklists, or with blocklists already included in our zones (such as the CBL) or you will simply be wasting DNS queries and slowing your mail queue.

At the moment I'm using just this now: zen.spamhaus.org

Want to know if that is correct?

It doesn't matter what you add, they all work the same way. Only what they block differs. Some are targeted only at hosts that send email spam, others also block open/anonymous proxies etc.

I haven't checked them all out for a while, so can't tell which ones are current best to use. One good idea is ofcourse to use a number of different ones so you can block only when x or more databases have an IP address listed.

It comes down to experimenting and seeing what effect it has.

Forgot about this, but also read the docs/anti-spam.html document with UseBB.