How to add RBL on Zimbra Server?

A DNS-based Blackhole List (DNSBL) or Real-time Blackhole List (RBL) is an effort to stop email spamming. It is a “blacklist” of locations on the Internet reputed to send email spam. The locations consist of IP addresses which are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists. The term “Blackhole List” is sometimes interchanged with the term “blacklist” and “blocklist”.

A DNSBL is a software mechanism, rather than a specific list or policy. There are dozens of DNSBLs in existence, which use a wide array of criteria for listing and delisting of addresses. These may include listing the addresses of zombie computers or other machines being used to send spam, ISPs who willingly host spammers, or those which have sent spam to a honeypot system.

Since the creation of the first DNSBL in 1997, the operation and policies of these lists have been frequently controversial, both in Internet advocacy and occasionally in lawsuits. Many email systems operators and users[4] consider DNSBLs a valuable tool to share information about sources of spam, but others including some prominent Internet activists have objected to them as a form of censorship. In addition, a small number of DNSBL operators have been the target of lawsuits filed by spammers seeking to have the lists shut down.[Wiki]

What is Zimbra?

In case you haven’t used or heard of Zimbra,

Zimbra is an enterprise-class email, calendar and collaboration solution built for the cloud, both public and private. With a redesigned browser-based interface, Zimbra offers the most innovative messaging experience available today, connecting end users to the information and activity in their personal clouds.

It provides:

1. Messaging and Collaboration
2. Advanced, Integrated Web Experience
3. Simplified Administration
4. Anywhere, Any Device

Zimbra’s Open Source Community

Since the inception, Zimbra has been a community. All of Zimbra Collaboration Open Source Edition software, documentation and innovation has been created, tested, used, and discussed openly by people like you participating in our Open Source Community. It’s contributors diagnose bugs, fix bugs, translate programs, submit patches, point out deficiencies in documentation, answer community questions, submit killer applications, alert Zimbra to something that needs tweaking, and write new software. No matter how you contribute, Zimbra welcomes new ideas and contributions for the advancement of greater shared knowledge and a better Zimbra Collaboration product.

See more here:

Add RBL check on Zimbra

Login to email server and su youreself to zimbra user.

# su - zimbra

Check current settings

$ zmprov gacf | grep zimbraMtaRestriction

Output:

zimbraMtaRestriction: reject_non_fqdn_sender
zimbraMtaRestriction: reject_non_fqdn_sender

Currently reject_non_fqdn_sender and reject_non_fqdn_sender is set.

Add a test RBL server

Adding cbl.abuseat.org

$ zmprov mcf \
zimbraMtaRestriction reject_invalid_helo_hostname \
zimbraMtaRestriction reject_non_fqdn_sender \
zimbraMtaRestriction "reject_rbl_client cbl.abuseat.org"

I used \ to break the lines. You can do it all in one line if you feel like.

$ zmprov mcf zimbraMtaRestriction reject_invalid_helo_hostname zimbraMtaRestriction reject_non_fqdn_sender zimbraMtaRestriction "reject_rbl_client cbl.abuseat.org"

Test Output:

$ zmprov gacf | grep zimbraMtaRestriction
zimbraMtaRestriction: reject_non_fqdn_sender
zimbraMtaRestriction: reject_invalid_helo_hostname
zimbraMtaRestriction: reject_rbl_client cbl.abuseat.org

Adding multiple RBL servers in Zimbra

Going full on retard with RBL check

$ zmprov mcf \
zimbraMtaRestriction reject_invalid_helo_hostname \
zimbraMtaRestriction reject_non_fqdn_sender \
zimbraMtaRestriction reject_invalid_hostname  \
zimbraMtaRestriction "reject_rbl_client sbl.spamhaus.org" \
zimbraMtaRestriction "reject_rbl_client bl.spamcop.net" \
zimbraMtaRestriction "reject_rbl_client dnsbl.sorbs.net" \
zimbraMtaRestriction "reject_rbl_client cbl.abuseat.org" \
zimbraMtaRestriction "reject_rbl_client dnsbl.njabl.org"

New Output:

$ zmprov gacf | grep zimbraMtaRestriction
zimbraMtaRestriction: reject_invalid_helo_hostname
zimbraMtaRestriction: reject_non_fqdn_sender
zimbraMtaRestriction: reject_invalid_hostname
zimbraMtaRestriction: reject_rbl_client sbl.spamhaus.org
zimbraMtaRestriction: reject_rbl_client bl.spamcop.net
zimbraMtaRestriction: reject_rbl_client dnsbl.sorbs.net
zimbraMtaRestriction: reject_rbl_client cbl.abuseat.org
zimbraMtaRestriction: reject_rbl_client dnsbl.njabl.org

List of RBL servers:

Don’t go full retard with RBL in Zimbra; quite often some RBL servers blacklist good domains for absolutely no reasons (unexplained); so test; test; test until you have the best combination. Here’s a list of all the RBLs/DNSBls you can check your mail servers against(mostly free):

1. b.barracudacentral.org
2. bl.emailbasura.org
3. bl.spamcannibal.org
4. bl.spamcop.net
5. blackholes.five-ten-sg.com
6. blacklist.woody.ch
7. bogons.cymru.com
8. cbl.abuseat.org
9. cdl.anti-spam.org.cn
10. combined.abuse.ch
11. combined.rbl.msrbl.net
12. db.wpbl.info
13. dnsbl-1.uceprotect.net
14. dnsbl-3.uceprotect.net
15. dnsbl.ahbl.org
16. dnsbl.inps.de
17. dnsbl.sorbs.net
18. drone.abuse.ch
19. drone.abuse.ch
20. duinv.aupads.org
21. dul.dnsbl.sorbs.net
22. dul.ru
23. dyna.spamrats.com
24. dynip.rothen.com
25. http.dnsbl.sorbs.net
26. images.rbl.msrbl.net
27. ips.backscatterer.org
28. ix.dnsbl.manitu.net
29. korea.services.net
30. misc.dnsbl.sorbs.net
31. noptr.spamrats.com
32. ohps.dnsbl.net.au
33. omrs.dnsbl.net.au
34. orvedb.aupads.org
35. osps.dnsbl.net.au
36. osrs.dnsbl.net.au
37. owfs.dnsbl.net.au
38. owps.dnsbl.net.au
39. pbl.spamhaus.org
40. phishing.rbl.msrbl.net
41. probes.dnsbl.net.au
42. proxy.bl.gweep.ca
43. proxy.block.transip.nl
44. psbl.surriel.com
45. rbl.interserver.net
46. rbl.megarbl.net
47. rdts.dnsbl.net.au
48. relays.bl.gweep.ca
49. relays.bl.kundenserver.de
50. relays.nether.net
51. residential.block.transip.nl
52. ricn.dnsbl.net.au
53. rmst.dnsbl.net.au
54. sbl.spamhaus.org
55. short.rbl.jp
56. smtp.dnsbl.sorbs.net
57. socks.dnsbl.sorbs.net
58. spam.abuse.ch
59. spam.dnsbl.sorbs.net
60. spam.rbl.msrbl.net
61. spam.spamrats.com
62. spamlist.or.kr
63. spamrbl.imp.ch
64. t3direct.dnsbl.net.au
65. tor.ahbl.org
66. tor.dnsbl.sectoor.de
67. torserver.tor.dnsbl.sectoor.de
68. ubl.lashback.com
69. ubl.unsubscore.com
70. virbl.bit.nl
71. virus.rbl.jp
72. virus.rbl.msrbl.net
73. web.dnsbl.sorbs.net
74. wormrbl.imp.ch
75. xbl.spamhaus.org
76. zen.spamhaus.org
77. zombie.dnsbl.sorbs.net

Reference

• MTA Functionality
• Anti-spam Strategies