RSS - MAPS Relay Spam Stopper

Please think about this first.

The Mail Abuse Prevention System's Relay Spam Stopper List can be used by any interested party in the configuration of their own network or mail relay, toward the goal of limiting receipt of unwanted relay spam. This step must not be taken lightly -- the MAPS RSSSM creates intentional loss of email connectivity for anyone who chooses to use it. Sometimes a site that is actively engaged in relaying unwanted spam to internet users may also have users that are not spammers. What actually happens is that the nonspammers share an unpleasant and negative fate with spammers in that case. In other words, if you are not willing to occasionally throw out a baby with the bathwater (figuratively speaking of course), then the MAPS RSSSM is not for you.


If you're familiar with a mail server software package or filtering system that could utilize the MAPS RSSSM, but you don't see that information listed here, please inform us of how people could use it to utilize the RSSSM -- we'd love to add that info to this page.

If you don't see your favorite mail server package listed here, check with the manufacturer -- it may have integrated or optional RBLSM/RSSSM/DULSM support even though it's not listed here. The number of mail server packages that support DNS-based blackhole lists seems to grow daily, and we can't keep up with all of 'em.


How to use RSSSM to reduce the amount of relay spam you are forced to accept or filter.

Like the MAPS RBLSM and DULSM, the RSSSM exists as a DNS zone, in this case relays.mail-abuse.org. This means most software that already uses the RBLSM will work immediately with the RSSSM, either by replacing the zone name or (better yet) adding a second check and using multiple zones.

Using RSSSM with MS Exchange Server

There's currently no way to implement RSSSM (or any other RBLSM-style list) directly, under MS Exchange server. We'd definitely recommend that you ask Microsoft to include this functionality in the future. In the meantime, click here for more information about alternative methods of utilizing the MAPSSM lists using MS Exchange Server or other NT-based alternatives.

Using RSSSM with Sendmail 8.10.x

Sendmail 8.10 makes life even easier for running multiple DNS based blackhole lists. The entries in the .mc are as follows:

FEATURE(dnsbl, `blackholes.mail-abuse.org', `Rejected - see http://www.mail-abuse.org/rbl/')dnl
FEATURE(dnsbl, `dialups.mail-abuse.org', `Dialup - see http://www.mail-abuse.org/dul/')dnl
FEATURE(dnsbl, `relays.mail-abuse.org', `Open spam relay - see http://work-rss.mail-abuse.org/rss/')dnl

Note: no patches are needed. It "just works" right out of the box. Another nifty thing is also possible. You can add one more line to the .mc and it'll actually show you the intended recipient:

FEATURE(`delay_checks')dnl

Previously all you'd get in the logs was "reject=<whatever>" with no clue as to who narrowly avoided the spam. With delay_checks, another log entry shows up with that nice piece of information. People running spam bait accounts may find this especially useful. I certainly have.

Using RSSSM with Sendmail 8.9.x (the easy way).

Thanks to Russell Kroll for the following information.

First you need to apply the mrbl.p3 patch from sendmail.org. It's linked from this page (look for "a patch").

The patch changes a few things around in the sendmail distribution tree so that multiple calls can be made without any fuss. Then you get to edit your m4 file that defines your local configuration to have things like this in it:

FEATURE(rbl, `blackholes.mail-abuse.org', `Rejected - see http://www.mail-abuse.org/rbl/')dnl
FEATURE(rbl, `dialups.mail-abuse.org', `Dialup - see http://www.mail-abuse.org/dul/')dnl
FEATURE(rbl, `relays.mail-abuse.org', `Open spam relay - see http://work-rss.mail-abuse.org/rss/')dnl

You just keep adding them as new ones spring up. You can also get fancy with this and incorporate $&{client_addr} where appropriate. Then you rebuild your .cf from the .mc as always, copy it over, restart sendmail, and it's done. Being able to avoid hand hacking the cf version has made it a lot easier for me to implement these lists across all my servers.

Using RSSSM with Sendmail 8.9.x (the hard way).

I use the RSSSM with sendmail, and I like to hack my sendmail.cf file. Here's what I did to utilize the RSSSM, RBLSM, and DULSM simultaneously.

R$*                     $: $(dequote "" $&{client_addr} $)
R0                      $@ OK
R$-.$-.$-.$-            $: $(host $4.$3.$2.$1.blackholes.mail-abuse.org. $:OK $)
R$+.                    $# error $@ 5.7.1 $: "571 Mail from " $(dequote "" $&{client_addr} $) "refused, see http://www.mail-abuse.org/rbl"
ROK                     $: $(dequote "" $&{client_addr} $)
R$-.$-.$-.$-            $: $(host $4.$3.$2.$1.relays.mail-abuse.org. $:OK $)
R$+.                    $# error $@ 5.7.1 $: "571 Mail from " $(dequote "" $&{client_addr} $) "refused, see http://work-rss.mail-abuse.org/"
ROK                     $: $(dequote "" $&{client_addr} $)
R$-.$-.$-.$-            $: $(host $4.$3.$2.$1.dialups.mail-abuse.org. $:OK $)
R$+.                    $# error $@ 5.7.1 $: "571 Mail from " $(dequote "" $&{client_addr} $) "refused, see http://www.mail-abuse.org/dul/"
ROK                     $@ OK

If you decide to cut and paste this, and insert this into the appropriate place, make sure you turn the spaces in between the two columns back into tabs.
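What the rules above do, and what "using multiple zones" means in practice, shown as an added Python example (not code from MAPS or sendmail): the client address is reversed octet by octet, prefixed to each zone, and the first zone that answers decides the rejection text. The function names, the injectable resolver and the sample listing are assumptions of this example; the zones and messages are the ones on this page.

```python
import ipaddress
import socket

# Zones and rejection texts as given in the configuration lines on this page.
ZONES = [
    ("blackholes.mail-abuse.org", "Rejected - see http://www.mail-abuse.org/rbl/"),
    ("relays.mail-abuse.org", "Open spam relay - see http://work-rss.mail-abuse.org/rss/"),
    ("dialups.mail-abuse.org", "Dialup - see http://www.mail-abuse.org/dul/"),
]


def query_name(client_addr, zone):
    """a.b.c.d -> d.c.b.a.<zone>. (the $4.$3.$2.$1.<zone>. pattern in the rules)."""
    ip = ipaddress.IPv4Address(client_addr)  # ValueError on anything but dotted quad
    return ".".join(reversed(str(ip).split("."))) + "." + zone + "."


def dns_lists(name):
    """Default resolver: listed if the name resolves to an address.
    Assumption of this example: any lookup failure counts as 'not listed'."""
    try:
        socket.gethostbyname(name)
        return True
    except OSError:
        return False


def check_client(client_addr, zones=ZONES, resolver=dns_lists):
    """Return None to accept, or (zone, message) for the first zone that lists it."""
    if client_addr == "0":  # mirrors the 'R0 $@ OK' rule: accept without a lookup
        return None
    for zone, reason in zones:
        if resolver(query_name(client_addr, zone)):
            return zone, "Mail from %s refused: %s" % (client_addr, reason)
    return None


# Constructed sample data: 192.0.2.25 is a documentation address, listed only here.
SAMPLE_LISTED = {"25.2.0.192.relays.mail-abuse.org."}


def sample_resolver(name):
    """Hypothetical offline stand-in for DNS, so the example runs without a network."""
    return name in SAMPLE_LISTED


if __name__ == "__main__":
    for addr in ("192.0.2.25", "192.0.2.26", "0"):
        print(addr, "->", check_client(addr, resolver=sample_resolver))
```

Passing `resolver=sample_resolver` keeps the run offline; leaving the default in place performs real DNS lookups against the listed zones.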

Using RSSSM with Exim version 3.x.

Up to date instructions for utilizing RBLSM-style lists can be found at: http://www.us.exim.org/howto/rbl.html

With 3.x you have the ability to take different actions with different RBLSM-style lists (like tag headers with ORBS, refuse with RSSSM, RBLSM, and DULSM).

Using RSSSM with Exim version 2.x.

In Exim you will need to add the following to your config file (if you just want to use the RSSSM):

(If you want to use other lists as well):
rbl_domains="yyy.zzz.com:relays.mail-abuse.org:aaa.bbb.com"

To drop all mail that originates from a listed mail server you will need to add:
rbl_reject_recipients=true

Using RSSSM with procmail.

Walter Dnes has created a cool procmail script called "Six Pack" which will check your incoming mail against six different filtering systems, including the RSSSM. If procmail is your thing, and you hate spam, then this is the cool tool for you! Visit his web site for more information.

Using RSSSM with the EMWAC Internet Mail Server.

This software package can easily utilize the RSSSM to protect your users against incoming spam. See <http://www1.sica.com/ims/> and download SCSMFILTER 030 or later, and Antirelay 3, both of which can be obtained from that site. You can easily secure your server against free relay, and you have the ability to use the RBLSM, RSSSM, and other lists with that software. The ability to use RSSSM has even been pre-configured into the AR3 package!

Using RSSSM with qmail.

The RSSSM zone used to have TXT records. It currently does not have text records, as of August 2000. They were eliminated because the zone file is growing rather large. This affects Qmail users who utilize rblsmtpd to check the RSSSM list, as the previous instructions relied on the existence of TXT records to function.

Now, to utilize RSSSM with rblsmtpd, you need to do two things. First, grab the rblsmtpd-rss.diff patch and install it. Next, change the command that you use to call qmail to this:

/usr/local/bin/tcpserver-qmail -pR -c50 -u70 -g70 -x/etc/tcp.smtp.cdb 0 smtp \
/usr/bin/rblsmtpd -b -r "relays.mail-abuse.org:Open relay problem - see <http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%>" \
/usr/bin/rblsmtpd -b \
/var/qmail/bin/qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtpd 2 &

Alternatively, apply the ucspi-rss.diff patch to ucspi-0.88 and change

-r relays.mail-abuse.org

to

-r 'relays.mail-abuse.org:Open relay problem - see <URL:http://work-rss.mail-abuse.org/cgi-bin/nph-rss?%IP%>'

Sorry for any confusion.

Using the RSSSM with Postfix.

Thanks to Jeff Chilton and Robert Hof for the following information.

Adding RSSSM screening to Postfix is easy. Use the following directives in your main.cf file to reject mail from addresses listed by the RBLSM, DULSM or RSSSM:

maps_rbl_domains =
    blackholes.mail-abuse.org
    dialups.mail-abuse.org
    relays.mail-abuse.org
smtpd_client_restrictions = reject_maps_rbl

If your dialups are listed in the DULSM, then change that last line to:

smtpd_client_restrictions = permit_mynetworks, reject_maps_rbl

That'll exempt your dialups or local networks, as listed in the mynetworks setting that permit_mynetworks checks, from being blocked by your own mail server.

Using RSSSM with Lotus Notes.

I'm told that it's possible! (Yay!) See Karl-Henry Martinsson's web site at http://www.idgnews.net/SpamFilter for more information.

Using RSSSM with MailShield.

Thanks to Ian Vaudrey for the following information.

Here is a rule for MailShield to enable use of the MAPS RSSSM.

The rule is based on one posted by John Buckman for the DSSL.

(add to begin.mml, after the ORBS support)

##############################################################################
# Check to see if this TCP/IP address is listed on the
# MAPS Relay Spam Stopper (RSS) (see http://work-rss.mail-abuse.org/ for info)

    if ($use_rss) {
        if (&DNSRBLLookup(".relays.mail-abuse.org", $PeerTcpip)) { 
            $log_message = "571 SMTP session refused because your host is listed on the RSS. See http://work-rss.mail-abuse.org/";
            $smtp_message = "571 TCP/IP address: ".$PeerTcpip." is listed on the RSS. See http://work-rss.mail-abuse.org/";
            &DefaultRejection;
        };
    };

(add to config.mml)

# MAPS Relay Spam Stopper (RSS)
$use_rss = &ReadConfigFile($dir_config.'rss.txt');

Then, create a text file named "rss.txt" in the shield/config directory with the word TRUE in it, and the RSS feature will be enabled.

Using RSSSM with smtpd.

Thanks to Christopher Schulte for the following information.

To make smtpd work with the RSSSM, just add this single line to the 'smtpd_check_rules' configuration file smtpd uses to allow and deny incoming smtp connections:

noto:RBL.relays.mail-abuse.org:ALL:ALL:550 Open spam relay - see http%C//www./

This line needs to be added about the same place as your RBLSM restrictions, if they are assigned. Keep in mind that the smtpd program itself needs to be patched to work with RBLSM, DULSM, or RSSSM. See http://www.obtuse.com/smtpd.html for more info on applying this patch.

Using the RSSSM with Novell Internet Messaging System (NIMS).

Thanks to Tim Pearson for the following information.

To take advantage of the RSSSM (or any RBLSM) with Novell Internet Messaging System, do the following:

  1. Run NWADMIN32.EXE (Netware Administrator) from a server where the NIMS snap-ins are loaded.
  2. Locate the "Internet Services" Object at the top of your tree (the one with the red "X" logo).
  3. Double click on it to expand the list of NIMS components.
  4. Right click on the "SMTP Agent" object and choose "Details."
  5. Select the "UBE Prevention" page.
  6. In the box labeled "Check against RBL list at server:" enter relays.mail-abuse.org
  7. Check the box to the left of the above phrase to activate RBL checking.
  8. Click OK to save your changes.
  9. At the server console type:
    UNLOAD MAILCON
    LOAD IMS UNLOAD
  10. Wait for all modules to unload.
  11. At the server console type:
    LOAD IMS
    LOAD MAILCON

That's it. As far as I know, NIMS only supports using one RBLSM host. If anyone knows how to make NIMS use multiple RBLSM hosts, please share the technique with us!

Using RSSSM with SIMS (Stalker Internet Mail Server)

SIMS allows use of DNS-based blackhole lists, including RSSSM. This can be done either via the web interface or through the Communigate Client (Communigator) application, in the SMTP setup section. SIMS runs under MacOS and is freeware, available from Stalker Software, Inc. For more information visit their web site at http://www.stalker.com/.

Using RSSSM with CommuniGate Pro

CommuniGate Pro from Stalker Software supports DNS-based blackhole lists like RSSSM. See http://www.stalker.com/CommuniGatePro/AntiSpam.html#BlackDNS for info.

Testing your RSSSM block.

Thanks to Russ Nelson for the following information.

To test your RSSSM block to make sure that you're blocking no more or less than hosts listed on the RSSSM, send mail from the machine under test to nelson-rss-test@crynwr.com. Expect a single reply to your mail if your block is working. See the above URL for more information.

Zone transfer mode

If your server is doing a lot of queries, or there are network latency or firewall issues which make querying our nameservers difficult, you may wish to consider keeping a copy of the entire relays.mail-abuse.org zone file on a local nameserver. (However, if you have no idea what any of that means, this solution probably isn't for you.)

If you'd like to sign up or would like more information, please use our Request for a quote form.

We'd encourage sites which plan to use the RSSSM as well as the RBLSM and/or DULSM in transfer mode to instead look at the MAPS RBL+SM, which combines all three lists into a single query, and is available for less than the combined cost of two of those lists individually.

Updated 8/6/2001.