Manual RBL ORDBL DNSBL SPAM troubleshooting
2006-10-29 17:40
232 查看
This article describes how to manually test an IP address connecting to your SMTP server to verify whether it is considered a Spam source by various RBL/ORDBL/DNSBL services.
This example uses a Microsoft Windows system running the Command Prompt.
Before you begin, identify the IP address in question by viewing the SMTP server logs or viewing the received email header detail. For this example, the IP address to verify is 81.66.47.103.
To verify the IP address enter the following commands at the command prompt:
C:/>nslookup
> 103.47.66.81.dynablock.njabl.org
The response returned is:
Server: [your server]
Address: [your server IP address]
Non-authoritative answer:
Name: 103.47.66.81.dynablock.njabl.org
Address: 127.0.0.3
The dynablock.njabl.org database returned an address of 127.0.0.3, which is designated as a Spam source. Typically, an IP of 127.0.0.x is a type of Spam category. The FortiGate unit will recognize all of these results as Spam.
A search on the text record provides further details on the SPAM source.
To search on the text record, enter the following commands at the command prompt:
> set type=txt
> 103.47.66.81.dynablock.njabl.org
The response provides the following information:
Non-authoritative answer:
103.47.66.81.dynablock.njabl.org text =
"Dynamic/Residential IP range listed by NJABL dynablock - http://njabl.org/dynablock.html" dynablock.njabl.org nameserver = ns5.njabl.org
dynablock.njabl.org nameserver = ns6.njabl.org
dynablock.njabl.org nameserver = ns1.njabl.org
dynablock.njabl.org nameserver = ns2.njabl.org
dynablock.njabl.org nameserver = ns3.njabl.org
dynablock.njabl.org nameserver = ns4.njabl.org
ns1.njabl.org internet address = 209.208.0.96
ns2.njabl.org internet address = 69.28.95.74
ns3.njabl.org internet address = 69.28.95.42
ns4.njabl.org internet address = 209.208.92.254
ns5.njabl.org internet address = 209.208.0.111
ns6.njabl.org internet address = 69.28.95.66
> 103.47.66.81.sbl.spamhaus.org
Server: [your server]
Address: [your server IP address]
*** ns-cache0.oleane.net can't find 103.47.66.81.sbl.spamhaus.org: Non-existent domain
Note that if you configure multiple RBL/ORDBL/DNSBL services on the FortiGate unit, the first positive Spam hit returned by any service, is sufficient to mark the email as Spam. That is, all configured RBL/ORDBL/DNSBL services will have to return a negative result before the incoming email is not considered as spam
This example uses a Microsoft Windows system running the Command Prompt.
Before you begin, identify the IP address in question by viewing the SMTP server logs or viewing the received email header detail. For this example, the IP address to verify is 81.66.47.103.
To verify the IP address enter the following commands at the command prompt:
C:/>nslookup
> 103.47.66.81.dynablock.njabl.org
The response returned is:
Server: [your server]
Address: [your server IP address]
Non-authoritative answer:
Name: 103.47.66.81.dynablock.njabl.org
Address: 127.0.0.3
The dynablock.njabl.org database returned an address of 127.0.0.3, which is designated as a Spam source. Typically, an IP of 127.0.0.x is a type of Spam category. The FortiGate unit will recognize all of these results as Spam.
A search on the text record provides further details on the SPAM source.
To search on the text record, enter the following commands at the command prompt:
> set type=txt
> 103.47.66.81.dynablock.njabl.org
The response provides the following information:
Non-authoritative answer:
103.47.66.81.dynablock.njabl.org text =
"Dynamic/Residential IP range listed by NJABL dynablock - http://njabl.org/dynablock.html" dynablock.njabl.org nameserver = ns5.njabl.org
dynablock.njabl.org nameserver = ns6.njabl.org
dynablock.njabl.org nameserver = ns1.njabl.org
dynablock.njabl.org nameserver = ns2.njabl.org
dynablock.njabl.org nameserver = ns3.njabl.org
dynablock.njabl.org nameserver = ns4.njabl.org
ns1.njabl.org internet address = 209.208.0.96
ns2.njabl.org internet address = 69.28.95.74
ns3.njabl.org internet address = 69.28.95.42
ns4.njabl.org internet address = 209.208.92.254
ns5.njabl.org internet address = 209.208.0.111
ns6.njabl.org internet address = 69.28.95.66
Receiving different results
Different databases may show different results. In the following example, the sbl.spamhaus.org service does not identify the same IP address as a spam source.> 103.47.66.81.sbl.spamhaus.org
Server: [your server]
Address: [your server IP address]
*** ns-cache0.oleane.net can't find 103.47.66.81.sbl.spamhaus.org: Non-existent domain
Note that if you configure multiple RBL/ORDBL/DNSBL services on the FortiGate unit, the first positive Spam hit returned by any service, is sufficient to mark the email as Spam. That is, all configured RBL/ORDBL/DNSBL services will have to return a negative result before the incoming email is not considered as spam
相关文章推荐
- Mike Meyers' A+ Guide to Managing and Troubleshooting PCs Lab Manual, Second Edition
- Interlude: Troubleshooting for Failed to Declare Table-type Variables
- Troubleshooting Upgrade and CU Batch jobs stuck in a waiting status in Dynamics AX 2012
- Troubleshooting C/C++ Isolated Applications and Side-by-side Assemblies
- Troubleshooting Segmentation Violations/Faults
- TroubleShooting The virtual machine could not be started because the hypervisor is not running
- 开发那点事系列二 - ClassLoader trouble shooting references
- TroubleshootingOraclePerformance
- Peeking into Linux kernel-land using /proc filesystem for quick’n’dirty troubleshooting
- TransactionScope Troubleshooting
- Basic Network Troubleshooting
- Tomcat配置、管理和问题解决 | Tomcat Configuration, Manangement and Trouble Shooting
- Troubleshooting Sandboxed Solutions in SharePoint 2010
- Linux TroubleShooting
- Checkpoint Tuning and Troubleshooting Guide [ID 147468.1]
- Java - Get Started with Trouble Shooting
- Deadlock Troubleshooting - Trace 1222
- [转]Troubleshooting Error 18456
- Troubleshooting Partitions and File Systems[分区和文件]
- SignalR Troubleshooting