It is noteworthy that, in the case of returning 127.0.0.3, we flag all IPs which we consider unsuitable for hosting mail transfer agents. In that case, the DNSBL does not only list systems that send spam, so it’s up to each administrator to decide how to use it (further down, integration tips for SpamAssassin, if you prefer, instead of rejection). Making an analogy with the RFC Ignorant list (now RFC Clueless), we also require a number of important settings, so we could be called the “SPF ignorant” or “FCrDNS ignorant” system. In addition, any machine with no purpose of email service is a potential vector of a hacker attack, so this flagging also prevents any possible attack rather than waiting for the first damage to blacklist the IP after the injury caused. More about our rules, in the our delist page.
IMPORTANT: We do not provide any guarantees, despite the best efforts to maintain a stable and coherent system. Use at your own risk and take into consideration that our systems works based on reputation, without privileges to any system, including Internet providers and email marketing systems, if they have a poor reputation. For this reason, we suggest you use our DNSBL to mark emails as spam, rather than by rejecting emails. Check your MTA documentation for details or, if it is not feasible, consider using SpamAssassin (see below), which has the downside of not normally scanning emails above a certain size.
IMPORTANT: Current limit is 10 queries per second and the response will have rcode 5 (REFUSED) when reached. Higher frequencies require contribution. Please contact us informing your IP or range, for further details. Even within the query threshold, consider making a donation so we can maintain and expand our free services.
Alternate method of usage via SpamAssassin
This is a scenario that was helpful in a case in which the provider did not want to run the DNSBL for all its customers, rather only for Brazilian customers, based on the e-mail addresses of recipients, ending in .br. It is the same as using our DNSBL directly (dnsbl.spfbl.net host), however, for specific recipients. In this example, besides recipients with e-mail addresses ending in .br, we also added the recipient domains example1.com and example2.com, to be considered. The ideal is to increase the score in order to mark as spam. In the example below, the CUSTOM_SPFBL rule adds six points and verifies both result codes, 127.0.0.2 and 127.0.0.3.
header __RCVD_IN_SPFBL eval:check_rbl('spfbl-lastexternal','dnsbl.spfbl.net.')
describe __RCVD_IN_SPFBL Listed in dnsbl.spfbl.net.
tflags __RCVD_IN_SPFBL net
header __TO_BR TO =~ /\.br|exemplo\.com|exemplo2\.com/i
meta CUSTOM_SPFBL (__RCVD_IN_SPFBL && __TO_BR)
describe CUSTOM_SPFBL HIT to BR
score CUSTOM_PSPFBL 6.0