Skip to main content

How do I apply DNSBLs on MS Exchange 2010? [Resolved]

We are lately receiving more spam. I was told we should use DNSBLs in order to reduce number of spam mails effectively.

All I was able to find out was to add IP Block List Providers manually. This is sadly not a solution I can work with.

Every idea is very much appreciated.

Asked April 21, 2017
Posted Under: Network
1 Answers

You shouldn't try to find a solutions that automatically adds ALL DNSBLs to your Edge Transport server as there are different DNSBLs for different purposes. You first have to decide how aggressive you want to be in directly rejecting spam and choose DNSBLs used accordingly.

When you have desided which lists you will use, you have to Configure IP Block List Providers manually, but it shouldn't take long with Add-IPBlockListProvider cmdlet. Example:

Add-IPBlockListProvider -Name "Spamhaus ZEN"   `
    -LookupDomain ""   `
    -AnyMatch $true -Enabled $true   `
    -RejectionResponse "IP address is listed by Spamhaus ZEN"

Add-IPBlockListProvider -Name "SORBS Open SMTP relay"   `
    -LookupDomain ""   `
    -AnyMatch $true -Enabled $true   `
    -RejectionResponse "IP address is listed by SORBS as Open SMTP relay"

There is an article which has commands for adding many DNSBL providers at once, but I wouldn't advice using it as it will be extremely aggressive i.e. it increases possibility for false positives.

Answered April 21, 2017
Your Answer