D. J. Bernstein
TCP/IP
ucspi-tcp
The rblsmtpd program
rblsmtpd blocks mail from RBL-listed sites.
It works with any SMTP server that can run under
tcpserver.
Interface
rblsmtpd opts prog
opts
is a series of getopt-style options.
prog
consists of one or more arguments.
Normally rblsmtpd runs prog.
prog is expected to carry out an SMTP conversation
to receive incoming mail messages.
However, rblsmtpd does not invoke prog
if it is told to block mail from this client.
Instead it carries out its own limited SMTP conversation,
temporarily rejecting all attempts to send a message.
Meanwhile it prints one line on descriptor 2 to log its activity.
rblsmtpd drops the limited SMTP conversation
after 60 seconds,
even if the client has not quit by then.
Options:
- -t n:
Change the 60-second timeout to n seconds.
Blocked clients
If the $RBLSMTPD environment variable is set and is nonempty,
rblsmtpd blocks mail.
It uses $RBLSMTPD as an error message for the client.
Normally rblsmtpd runs under
tcpserver;
you can use
tcprules
to set $RBLSMTPD for selected clients.
If $RBLSMTPD is set and is empty,
rblsmtpd does not block mail.
If $RBLSMTPD is not set,
rblsmtpd looks up $TCPREMOTEIP in the RBL,
and blocks mail if $TCPREMOTEIP is listed.
tcpserver sets up $TCPREMOTEIP
as the IP address of the remote host.
Options:
- -r base:
Use base as an RBL source.
An IP address a.b.c.d
is listed by that source if
d.c.b.a.base
has a TXT record.
rblsmtpd uses the contents of the TXT record
as an error message for the client.
Note that only TXT records count here:
a source that publishes A records but no TXT records
never lists anything as far as -r is concerned.
- -a base:
Use base as an anti-RBL source.
An IP address a.b.c.d
is anti-listed by that source if
d.c.b.a.base
has an A record.
In this case rblsmtpd does not block mail.
You may supply any number of -r and -a options.
rblsmtpd tries each source in turn
until it finds one that lists or anti-lists $TCPREMOTEIP.
If you do not supply any -r options,
rblsmtpd tries an RBL source of rbl.maps.vix.com.
This will be changed in subsequent versions.
Since rbl.maps.vix.com is no longer usable
(see the list of abandoned sources below),
always supply at least one -r option explicitly.
RBL sources
If you want to run your own RBL source or anti-RBL source for rblsmtpd,
you can use
rbldns
from the djbdns package.
I've heard about the following public RBL sources:
- dev.null.dk
- list.dsbl.org, using rbldns as of 2002-03
- multihop.dsbl.org, using rbldns as of 2002-03
- orbs.dorkslayers.com
- orbz.gst-group.co.uk
- relays.osirusoft.com
- unconfirmed.dsbl.org, using rbldns as of 2002-03
- dnsbl.sorbs.net
- cbl.abuseat.org
I've given up on the following RBL sources for various reasons:
- blackholes.mail-abuse.org,
demanding money for access as of 2001-07
- dialups.mail-abuse.org,
demanding money for access as of 2001-07
- dul.maps.vix.com, renamed dialups.mail-abuse.org
- inputs.orbz.org, disabled as of 2002-03
- outputs.orbs.org, disabled in 2001-06
- outputs.orbz.org, disabled as of 2002-03
- rbl.maps.vix.com, renamed blackholes.mail-abuse.org
- relays.mail-abuse.org,
TXT records eliminated in 2000-08,
demanding money for access as of 2001-07
- relays.msci.memphis.edu,
a copy of relays.mail-abuse.org with TXT records,
disabled in 2001-01 because mail-abuse.org started demanding money
- rss.maps.vix.com, renamed relays.mail-abuse.org
- or.orbl.org, down as of 2001-10
- relays.ordb.org,
no longer in operation
- bl.spamcop.net,
fails to interoperate with deferred-delivery ISPs
relays.mail-abuse.org
stopped working with rblsmtpd in August 2000,
because all the TXT records were removed.
``They were eliminated because the zone file is growing rather large,''
the maintainers said.
This problem wouldn't occur with rbldns,
because rbldns databases are much smaller than zone files.
However, the people who run MAPS also have financial interests in BIND,
and they refuse to use rbldns.
Temporary errors
Normally,
when $RBLSMTPD is set and nonempty,
rblsmtpd uses a 451 error code
in its limited SMTP conversation.
This tells legitimate clients to try again later.
It gives innocent relay operators
a chance to see the problem,
prohibit relaying,
get off the RBL,
and get the mail delivered.
However, if $RBLSMTPD begins with a hyphen,
rblsmtpd removes the hyphen
and uses a 553 error code.
This tells legitimate clients to bounce the message immediately.
There are several error-handling options for RBL lookups:
- -B:
(Default.)
Use a 451 error code for IP addresses listed in the RBL.
- -b:
Use a 553 error code for IP addresses listed in the RBL.
- -C:
(Default.)
Handle RBL lookups in a ``fail-open'' mode.
If an RBL lookup fails temporarily,
assume that the address is not listed;
if an anti-RBL lookup fails temporarily,
assume that the address is anti-listed.
Unfortunately, a knowledgeable attacker
can force an RBL lookup or an anti-RBL lookup to fail temporarily,
so that his mail is not blocked.
- -c:
Handle RBL lookups in a ``fail-closed'' mode.
If an RBL lookup fails temporarily,
assume that the address is listed
(but use a 451 error code even with -b).
If an anti-RBL lookup fails temporarily,
assume that the address is not anti-listed
(but use a 451 error code
even if a subsequent RBL lookup succeeds with -b).
Unfortunately, this sometimes delays legitimate mail.
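The decision procedure described under "Blocked clients" and "Temporary errors" above, as an added example that emulates it offline. This is not the ucspi-tcp source: the DNS lookups come from an in-memory table so that the $RBLSMTPD handling, the order of -r and -a sources, the 451/553 choice and the -C/-c behaviour on temporary lookup failures can be exercised without a network. The hostnames bl.example and white.example, the records, the addresses and the TEMPFAIL_MSG wording are constructed for the example. The default source used when no -r is given is not emulated; sources must be passed explicitly.

```python
# Added example: an offline emulation of rblsmtpd's blocking decision.
# Not the ucspi-tcp code; sample zone data below is constructed.

class TempFail(Exception):
    """A lookup that failed temporarily (timeout, SERVFAIL)."""

def reverse_name(ip, base):
    """a.b.c.d under base becomes d.c.b.a.base, the name rblsmtpd queries."""
    a, b, c, d = ip.split(".")
    return f"{d}.{c}.{b}.{a}.{base}"

def make_resolver(records, tempfail):
    """records: {(name, rtype): [values]}; tempfail: set of (name, rtype)
    that fail temporarily.  Returns resolver(name, rtype) -> list of values."""
    def resolve(name, rtype):
        if (name, rtype) in tempfail:
            raise TempFail(name)
        return records.get((name, rtype), [])
    return resolve

# Assumed wording for the fail-closed case; the real program's text may differ.
TEMPFAIL_MSG = "temporary DNS error, try again later"

def decide(env, sources, resolver, permanent=False, fail_closed=False):
    """Return (blocked, code, message).

    env         - environment like os.environ (RBLSMTPD, TCPREMOTEIP)
    sources     - [("r", base) | ("a", base)] in command-line order
    permanent   - True for -b (553 for listed addresses), False for -B (451)
    fail_closed - True for -c, False for -C (the default)
    """
    # 1. $RBLSMTPD, if set, overrides every lookup.
    if "RBLSMTPD" in env:
        msg = env["RBLSMTPD"]
        if msg == "":
            return (False, None, None)          # set but empty: never block
        if msg.startswith("-"):
            return (True, 553, msg[1:])         # leading hyphen: permanent
        return (True, 451, msg)

    ip = env["TCPREMOTEIP"]
    listed_code = 553 if permanent else 451
    # 2. Try each -r/-a source in turn; the first decisive answer wins.
    for kind, base in sources:
        name = reverse_name(ip, base)
        if kind == "r":
            try:
                txt = resolver(name, "TXT")
            except TempFail:
                if fail_closed:
                    return (True, 451, TEMPFAIL_MSG)   # -c: assume listed, 451 only
                continue                               # -C: assume not listed
            if txt:
                return (True, listed_code, txt[0])     # TXT contents = error text
        else:  # anti-RBL source
            try:
                a = resolver(name, "A")
            except TempFail:
                if fail_closed:
                    listed_code = 451   # -c: not anti-listed; later hits use 451
                    continue
                return (False, None, None)             # -C: assume anti-listed
            if a:
                return (False, None, None)
    return (False, None, None)

# Constructed sample zone data.
SAMPLE_RECORDS = {
    ("7.2.0.192.bl.example", "TXT"): ["open relay, see http://bl.example/192.0.2.7"],
    ("9.2.0.192.bl.example", "TXT"): ["listed on bl.example"],
    ("9.2.0.192.white.example", "A"): ["127.0.0.2"],
    ("11.2.0.192.bl.example", "TXT"): ["listed on bl.example"],
}
SAMPLE_TEMPFAIL = {
    ("5.2.0.192.bl.example", "TXT"),        # RBL lookup times out
    ("11.2.0.192.white.example", "A"),      # anti-RBL lookup times out
}
RESOLVER = make_resolver(SAMPLE_RECORDS, SAMPLE_TEMPFAIL)
R_THEN_A = [("r", "bl.example"), ("a", "white.example")]
A_THEN_R = [("a", "white.example"), ("r", "bl.example")]

def demo(ip, sources=R_THEN_A, **opts):
    """Decide for a client IP with no $RBLSMTPD set, using the sample zone."""
    return decide({"TCPREMOTEIP": ip}, sources, RESOLVER, **opts)

if __name__ == "__main__":
    print(decide({"RBLSMTPD": "-Go away"}, [], RESOLVER))
    print(demo("192.0.2.7"), demo("192.0.2.7", permanent=True))
    print(demo("192.0.2.9", A_THEN_R), demo("192.0.2.9", R_THEN_A))
    print(demo("192.0.2.5"), demo("192.0.2.5", fail_closed=True, permanent=True))
    print(demo("192.0.2.11", A_THEN_R, fail_closed=True, permanent=True))
```

Two points the table of options does not make obvious show up in the sample data: 192.0.2.9 is both listed and anti-listed, so whether it is blocked depends only on whether -a white.example precedes -r bl.example on the command line; and with -c, a temporary failure of the anti-RBL lookup for 192.0.2.11 downgrades the later hit on bl.example to 451 even when -b was given. Under tcpserver the env dict is the real environment: a tcprules line such as 10.1.2.:allow,RBLSMTPD="" produces the set-and-empty case, and 192.0.2.7:allow,RBLSMTPD="-Blocked" the 553 case.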
Acknowledgments
Thanks to Andrew Richards for his comments on this documentation.