Playing by the Rules
To complete RBL integration, you need to create a connection-filter rule. You then need to configure the rule with the DNS suffix of your RBL provider and the return status code that you want the rule to catch. (If you want, you can also specify a custom error message for the rule to return; in this example, I used the default error message.)
To create the rule, open the MMC Exchange System Manager (ESM) snap-in on an Exchange test server (a different server from your test spam server), navigate to the Global Settings folder, and open the Message Delivery Properties dialog box. Go to the Connection Filtering tab and click Add to open the Connection Filtering Rule dialog box, which Figure 4 shows. In the Display Name text box, enter a name for the rule. Use something descriptive; the display name will be included in the default NDR that Exchange returns to the sender. In this example, I named the rule "The TOP's block List (Gotcha!)" because my Exchange test server is in the organization top.tst. In the DNS Suffix of Provider text box, enter the name of your DNS RBL zone (i.e., MyBlockList.tst); if you use a third-party provider, you enter that provider's DNS suffix. If you want the rule to look for a specific status code, click Return Status Code to specify that code. Otherwise, the filter will catch any code by default. Note the Disable this rule check box near the bottom of the dialog box. I explain how to use that check box later when I discuss testing the filter's operation.
Before the filter rule can take effect, you need to apply the filter to your SMTP virtual server. To do so, open the virtual server's Properties dialog box, go to the General tab, and click Advanced. Select the virtual server IP address, click Edit, and select the Apply Connection Filter check box, as Figure 5 shows.
The DNS RBL in Action
Now that you've completed the configuration of your test RBL, does it work? To find out, send a message from the spam server to your Exchange test server while the filter is disabled and again while the filter is enabled.
Open the Connection Filtering Rule dialog box for the rule you created. Select the Disable this rule check box and close the dialog box. Then, send a message from the spam server to your Exchange test server. The message should arrive without a problem. Now, clear the Disable this rule check box to reenable the rule, then send another message from the spam server. Figure 6 shows the desired result: an NDR that includes the name of the filter rule and proves that your test RBL and filter rule are working.
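If the second message is not rejected, it helps to check the block-list lookup separately from Exchange. The following Python sketch is an added example, not part of the original article or of Exchange itself: it builds the standard DNS block-list query name (the client's IPv4 octets reversed, followed by the rule's DNS suffix) and applies the rule's return-status-code setting to the answer. The spam server address 192.168.1.25 and the 127.0.0.2 record are constructed sample values, and only the "any code" and "specific codes" cases are modeled.

```python
import ipaddress
import socket

def rbl_query_name(client_ip, dns_suffix):
    """Name queried in the block-list zone: reversed IPv4 octets + DNS suffix."""
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return ".".join(reversed(octets)) + "." + dns_suffix.strip(".")

def system_resolver(name):
    """A records for name via the OS resolver, or [] if the name does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []

def rule_matches(client_ip, dns_suffix, return_codes=None, resolver=system_resolver):
    """True if the zone lists client_ip with a status code the rule catches.

    return_codes=None models the default described above: any code is caught.
    Otherwise only the listed codes (e.g. {"127.0.0.2"}) trigger the rule.
    """
    answers = resolver(rbl_query_name(client_ip, dns_suffix))
    if not answers:
        return False  # no record: the sender is not listed, mail is accepted
    if return_codes is None:
        return True
    return any(code in return_codes for code in answers)

# Constructed zone contents standing in for the test DNS server, so the
# example runs offline. DNS names are case-insensitive, hence the lower().
SAMPLE_ZONE = {"25.1.168.192.myblocklist.tst": ["127.0.0.2"]}

def sample_resolver(name):
    return SAMPLE_ZONE.get(name.lower(), [])

if __name__ == "__main__":
    suffix = "MyBlockList.tst"
    for ip in ("192.168.1.25", "192.168.1.26"):  # listed / not listed (constructed)
        print(ip, rbl_query_name(ip, suffix),
              "blocked" if rule_matches(ip, suffix, resolver=sample_resolver)
              else "accepted")
    # A rule restricted to a code the zone never returns does not fire.
    print(rule_matches("192.168.1.25", suffix, {"127.0.0.4"}, sample_resolver))
```

To query the real test zone instead of the sample data, drop the `resolver` argument and run the script on a machine that uses the same DNS server as the Exchange test server.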
One More Stumbling Block for Spam
Exchange 2003 offers plenty of ways to fight spam, including DNS block lists. Testing the operation of these lists and the connection-filter rules that implement them will help you better understand how you can best use RBLs in a real-world scenario. For more information about Exchange 2003's antispam capabilities, see "Resources."