rblsmtpd - Defer and/or block mail from RBL-listed sites and unwanted sources

Purpose

rblsmtpd is a minimalistic SMTP email server that fakes an email session while doing (DNS) lookups against Relay Black List and Relay White List servers, and then either responds to the connecting client itself or calls the main (E)SMTPD server, typically qmail-smtpd.

rblsmtpd is additionally able to defer the SMTP connection for a defined time period, called Greetdelay. Further, RBL decisions may be forwarded to the called program in interrogation mode.

The way rblsmtpd operates depends on the contents of the environment variables RBLSMTPD and GREETDELAY.

Feeding rblsmtpd with connection information

In order to operate, rblsmtpd needs to receive IP and DNS information for the SMTP connection it is called for. While historically inetd or xinetd was used, a typical choice would be

  1. tcpserver or
  2. sslserver in case TLS connections are required.

Both servers can be advised to populate the required environment variables TCPREMOTEIP and TCP6REMOTEIP per connection and potentially do a DNS lookup for TCPREMOTEHOST for this very SMTP connection.

From the given TCPREMOTEIP and TCP6REMOTEIP information rblsmtpd constructs the 'reverse IP name' for the lookup in the RBL/white list, even for IPv6 addresses.
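
The reversed name described above, written out in Python as an added example (not rblsmtpd's own code). The function names, the order in which the two variables are consulted, the unwrapping of IPv4-mapped IPv6 addresses, and the sample addresses are assumptions of this example; the zones are the ones used in the invocation shown on this page.

```python
import ipaddress

# Zones taken from the rblsmtpd invocation shown on this page.
ZONES = ["ix.dnsbl.manitu.net", "sbl-xbl.spamhaus.org"]


def reverse_ip_name(ip_text):
    """Return the reversed label sequence used as the left part of an RBL query."""
    addr = ipaddress.ip_address(ip_text.strip())  # ValueError on malformed input
    # Choice made for this example: unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d)
    # so the client is looked up under its IPv4 name.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if addr.version == 4:
        # Four decimal octets, least significant first.
        return ".".join(reversed(str(addr).split(".")))
    # IPv6: 32 hex nibbles of the fully expanded address, last nibble first.
    nibbles = addr.exploded.replace(":", "")
    return ".".join(reversed(nibbles))


def query_names(env, zones=ZONES):
    """Build one DNS query name per zone from a tcpserver-style environment."""
    # Assumption: whichever of the two variables is set is used, IPv4 first.
    ip_text = env.get("TCPREMOTEIP") or env.get("TCP6REMOTEIP")
    if not ip_text:
        raise KeyError("neither TCPREMOTEIP nor TCP6REMOTEIP is set")
    name = reverse_ip_name(ip_text)
    return [f"{name}.{zone}" for zone in zones]


if __name__ == "__main__":
    # Constructed sample environments using documentation address ranges.
    for env in ({"TCPREMOTEIP": "192.0.2.1"}, {"TCP6REMOTEIP": "2001:db8::1"}):
        for qname in query_names(env):
            print(qname)
```

Rejecting anything that does not parse as an IP address before building the name keeps malformed environment values out of the DNS query.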

Setting up black or white lists

When called, rblsmtpd can be instructed to contact several RBL or white list sources in 'fail-open' or 'fail-close' mode:

Any number of -r and -a options may be supplied. rblsmtpd tries each source in turn until it finds one that lists or anti-lists TCPREMOTEIP.

rblsmtpd -W -r ix.dnsbl.manitu.net -r sbl-xbl.spamhaus.org \

If you want to run your own RBL or anti-RBL source for rblsmtpd, you can use rbldns from the DJBDNSCurve6 package.

Triggering activation of rblsmtpd

rblsmtpd's activity is triggered by two different environment variables:

  1. RBLSMTPD: Causing RBL lookup, defining response mode, and providing response information.
  2. GREETDELAY: Defining and setting the Greetdelay.

Normally rblsmtpd runs under sslserver or tcpserver and you can use tcprules to set RBLSMTPD and/or GREETDELAY for selected clients:

::1:allow,RBLSMTPD=""
127./8:allow,RBLSMTPD=""
=salsa.cs.uic.edu:allow,RBLSMTPD="",GREETDELAY="0"
:allow,RBLSMTPD="-We don't accept mails from MX with missing DNS PTR or DNS A/AAAA record."

rblsmtpd with RBLSMTPD set

Given RBLSMTPD, the following behavior of rblsmtpd can be achieved:

rblsmtpd with GREETDELAY

Asking rblsmtpd for greetdelay depends on the following settings:

rblsmtpd client messages

Apart from triggering rblsmtpd, RBLSMTPD has a combined usage:

The global behavior of rblsmtpd can be given invoking it with the following argument:

rblsmtpd unblocking mode

If not advised by RBLSMTPD to reject an SMTP connection, rblsmtpd simply calls prog to continue with the SMTP dialogue.

Interrogation Mode

rblsmtpd may be used to only query RBLs and to present the result to prog in interrogation mode.