IRISRBL a simple anti-spam Service
Introduction
RedIRIS considers that the Reputation List is the best way to reduce spam coming from botnets. For this reason, RedIRIS puts at the disposal of its affiliated institutions the IRISRBL Service (Reputation Block List), which consists of two DNS zones containing millions of IP addresses of bad reputation to be used by e-mail servers and which will contribute towards reducing the amount of spam.The IRISRBL Service is a DNSbl (DNS Real Time Block List) generated, controlled and managed by RedIRIS. Until now, to find out about the reputation of an IP address, it was necessary to perform DNS lookups sequentially in spamhaus, spamcop, mail-abuse, RedIRIS ListaBlanca, etc. With IRISRBL only one lookup is required. This document is a guide on the various aspects of the IRISRBL Service, designed for those responsible for the electronic mail service of RedIRIS institutions. This service has two DNS zones to which lookups may be sent:
|
Lookups sent to these DNS zones are configured in the usual way, the same as for any other blacklist. RedIRIS recommends the strong zone is used and puts at the disposal of RedIRIS institutions suitable mechanisms to exclude IPs that are considered false positives.
If you belong to an institution connected to RedIRIS and you wish to use the IRISRBL Service, you should make an application on the FORM, shortly after which you will be able to use the service.
If you do not belong to an institution within the RedIRIS community and believe that the IRISRBL Service is blocking your mail, before sending a complaint please read the note "How does the IRISRBL Service affect you?"
Advantages of the IRISRBL Service
The IRISRBL Service is exclusively for the use of RedIRIS institutions and these are the only entities that can request the service.
|
DNSbl mechanism of action
IRISRBL is a DNSBL, a Blocking List; it is a database that is consulted in real time by e-mail servers to obtain an opinion of the reputation of the origin of an e-mail. The role of IRISRBL is to advise and provide an opinion to RedIRIS institutions on the reputation of specific IPs with respect to incoming electronic mail.
The Policy of the Receiver decides the action to take
Each institution and in general each domain that decides to implement antispam filters is defining a policy and actions for accepting incoming e-mail. The receiver unilaterally decides to use IRISBL as a blocking list and what it does with the incoming e-mail coming from an IP included in the IRISRBL list. IRISRBL only indicates if an IP is or is not included in the database.
- The receiver takes the decision to accept, label or reject e-mail messages depending on, among other factors, whether the IP of the sender is included in IRISRBL.
- The receiver looks up IRISRBL asking, "Is the IP of the sender in RBL?". IRISRBL automatically responds in real time to the request about the sender of the e-mail.
- RedIRIS does not intervene in the decision adopted by the Receiver about what to do with the incoming e-mail from an IP included in IRISRBL.
- Instead of rejecting a message coming from an IP included in IRISRBL, the message can be labelled, which is very helpful for future analyses of the contents (spamassassin etc.).
- RedIRIS recommends that Institutions using IRISRBL block/reject the connection of IPs included in IRISRBL, instead of accepting them and then ending up storing them in the wastebasket. Rejecting and blocking an e-mail in an SMTP transaction means that the content of the message does not enter your domain, thus reducing the use of resources. We maintain a classical rule for electronic mail: If an e-mail cannot be delivered the sender must ALWAYS be made aware of this, and receive information about the causes of non-delivery.