RBL Integration

What is RBL?

Real-time Blackhole Lists (RBLs) are databases of IP addresses known to send spam. SecZim queries these lists for each incoming email and blocks those from listed IPs.

Recommended RBL Providers

RBL Server	Description
zen.spamhaus.org	Combined SBL, XBL, PBL - most comprehensive
b.barracudacentral.org	Barracuda reputation database
bl.spamcop.net	SpamCop user-reported spam sources
dnsbl.sorbs.net	SORBS combined list

Enable RBL Checking

1. Go to Settings → RBL
2. Toggle "Enable RBL Checking"
3. Add RBL servers to use
4. Save settings

Configuration Options

• Action: REJECT or DEFER when IP is listed
• Threshold: How many lists must match (1 = any, 2+ = more strict)
• Timeout: Max time to wait for RBL response (default: 2 seconds)
• Skip Authenticated: Don't check RBL for authenticated senders

Adding Custom RBL

To add a custom RBL server:

1. Go to Settings → RBL → Add RBL
2. Enter the RBL hostname (e.g., zen.spamhaus.org)
3. Choose weight (how much this RBL counts toward threshold)
4. Enable and save

View RBL Hits

See which emails were blocked by RBL in Logs → Session Tracking. Filter by "RBL" to see only RBL blocks.

Whitelist from RBL

If a legitimate sender is incorrectly listed on an RBL:

1. Add their IP or domain to your ACL whitelist
2. Whitelisted entries bypass RBL checks

Testing RBL

Test if an IP is listed:

Troubleshooting

Too Many False Positives

• Increase the threshold (require multiple lists)
• Remove aggressive RBL providers
• Whitelist frequently blocked legitimate senders

RBL Queries Slow

• Reduce the number of RBL providers
• Decrease the timeout setting
• Consider using a local DNS cache