Please help support this service!
If you use the list and like it, please give some money to help keep it alive.

Pick your mailserver software for information on how to properly configure it. If your software isn't included in this list, a comprehensive list is available at http://www.us.sorbs.net/using.shtml. Substitute or add "bl.spamcop.net" where applicable. The response code from the SpamCop server to indicate a queried IP is listed is 127.0.0.2

We recommend that when using any spam filtering method, users be given access to the filtered mail - don't block the mail as documented here, but store it in a separate mailbox. Or tag it and provide users documentation so that they can filter based on the tags in their own MUA. We provide this information only for administrators who cannot use a more subtle approach for whatever reason.

If you don't control your mailserver configuration or prefer to have more granular control over what is blocked, please see the faq section How can I use the blocklist without mailserver configuration?

To turn on blanketed RLB checking with iPlanet Messaging 5.0+, modify the dispatcher.cnf file, adding a DNS_VERIFY_DOMAIN option.

Note there are other ways to do this with iPlanet Messaging, but this is the quickest and easiest. The disadvantage of this simpler approach is that it does the checks for all normal incoming SMTP messages including those from internal users. An alternative is to call out to dns_verify from a PORT_ACCESS mapping table or ORIG_MAIL_ACCESS mapping table. (See the iPlanet Messaging Reference Manual for additional details).

Here is an example of the iPlanet Messaging dispatcher.cnf file which is located in /msg-/imta/conf/dispatcher.cnf

[SERVICE=SMTP]
PORT=25
! turn on RBL checking (uncomment the ones you want to check.  Note there is
! a limit of 3 sources)
!
DNS_VERIFY_DOMAIN=inputs.orbz.org
DNS_VERIFY_DOMAIN=bl.spamcop.net
!DNS_VERIFY_DOMAIN=outputs.orbz.org
!DNS_VERIFY_DOMAIN=relays.ordb.org
!DNS_VERIFY_DOMAIN=orbs.dorkslayers.com
!DNS_VERIFY_DOMAIN=dev.null.dk
!DNS_VERIFY_DOMAIN=relays.osirusoft.com
!DNS_VERIFY_DOMAIN=relays.visi.com
!DNS_VERIFY_DOMAIN=rbl.maps.vix.com       (same as ENABLE_RBL=1)

If you wish the MTA to log such rejections, the 24th bit of the Dispatcher debugging DEBUG option can be set (DEBUG=16%1000000) to cause logging of the rejections to the dispatcher.log file. Log entries take the following form:

access_control: host a.b.c.d found on DNS list and rejected

Unless otherwise specified, the default dispatcher.log* file would be located in /msg-/log/imta/dispatcher.log*

A sample of what is contained when a perp is identified looks like this:

10:42:54.08 (   4): access_control: host
(25.364) 154.235.170.64.inputs.orbz.org found on DNS list
(25.364) and rejected (500 5.7.1 Open relay input.  See
(25.364) http://orbz.org/?64.170.235.154)
(25.364) 10:42:54.08 (   4): app_listen(SMTP/25): conn REJECTED from
(25.364) 64.170.235.154, descr=19
(25.364) 10:43:24.37 (   4): access_control: host
(25.365) 119.151.242.216.bl.spamcop.net found on DNS list
(25.365) and rejected (500 5.7.1 Blocked - see
(25.365) http://spamcop.net/bl.shtml?216.242.151.119)
(25.365) 10:43:24.37 (   4): app_listen(SMTP/25): conn REJECTED from
(25.365) 216.242.151.119, descr=18
(25.365)

Before the connection is closed with the perp, they see the following:

500 5.7.1 access_control: host 216.242.151.119 found on DNS list and rejected

To make your changes to the dispatcher.cnf take effect, do an imsimta restart with the following command:

# /msg-/imsimta restart

Now check your dispatcher.log* file for rejected connections if you turned on logging. That's it!

Another user has provided his setup file which uses various blocking lists, including MAPS RBL+. This can be viewed at Chad's personal mappings file

1. Add the following line to your config.m4
   FEATURE(`dnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}')dnl
   Or for later versions:
   FEATURE(`enhdnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl
2. Re-compile your sendmail.cf from the config.m4
3. Re-start sendmail

Some problems have been found with later versions of Sendmail.

The easiest fix may be to use the second method above, enhdnsblk instead of dnsbl.

SpamCop uses 'rbldns' to serve it's blacklist information. Rbldns does not yet have support for IPv6, but newer versions of sendmail (8.12.0 and greater) try IPv6 before IPv4. Sendmail asks for an AAAA record instead of an A record and SpamCop rejectes the query - resulting in spam slipping through the filters.

It appears rbldns developers are working on a fix for this, but the current version (1.05) still does not have support for AAAA records (and it handles them incorrectly even though it dosn't support them). Until rbldns releases a version which fixes this problem, a patch for sendmail should be found.

For sendmail versions after 8.12.1, adding this to the config.m4 file should solve the problem:
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl

Another fix which has been suggested is to modify the "Kdnsbl" line of the raw sendmail.cf file:
Kdnsbl dns -R A -T

An rbldns developer has this to say, implying that sendmail, and not rbldns is really to blame for this incompatibility:

I looked at the code and tried some experiments -- rbldns sends back a REFUSED code for AAAA queries.

It's hard for me to imagine a mindset that would consider the current behavior to be wrong. I suppose maybe it wants an NXDOMAIN error instead.

1. Get the current 'tcpserver' sources from http://cr.yp.to/ucspi-tcp.html and follow the instructions on the site for setting up Qmail to work with 'tcpserver'. Most Qmail sites will probably have already done so although older sites may have to upgrade their 'tcpserver' to version 0.88 containing 'rblsmtpd' support.
2. Add "rblsmtpd -r bl.spamcop.net" to the startup arguments for 'tcpserver'. You can also run multiple DNSBLs by adding more "-r" args to it, i.e. "rblsmtpd -r bl.spamcop.net -r relays.ordb.org".
3. restart the mail server.

smtpd_recipient_restrictions =

reject_invalid_hostname,

reject_non_fqdn_sender,

reject_non_fqdn_recipient,

reject_unknown_sender_domain,

reject_unknown_recipient_domain,

reject_unauth_pipelining,

permit_mynetworks,

reject_unauth_destination,

reject_rbl_client bl.spamcop.net

permit

Another example using several BL's is available at http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt

Martijn Jongen has provided a plugin for Exchange: ORFilter

GFI MailSecurity is another option for Exchange users.

Vamsoft Open Relay Filter is another commercial option for Exchange 2000 users.

(Third party software is not supported by SpamCop)

For Exchange 2003:

Make sure you install SP2 first, as it contains some important updates for Intelligent Message Filtering.

• Display Name: spamcop
• DNS Suffix: bl.spamcop.net

1. Go into "Settings, Protection, Blacklisted IP Addresses"
2. Add "bl.spamcop.net" into the form field, under "Use Blacklisting DNS Servers (RBLs)"
3. Click Update
4. Check the box which says "Use Blacklisting DNS Servers (RBLs)"
5. Click Update

Note#1 : This can be used with SIMS v1.7 or above, though it's strongly recommended to get at least 1.8b8 from ftp://ftp.stalker.com/ -- it's stable, and has numerous additional features. This FAQ is written for 1.8b8 or above.

Note #2: This assumes one is using the HTTP administrative interface, rather than connecting with CommuniGator.

Step #1: Log into your SIMS mailserver with an account with administrative priviliges (usually postmaster).

Step #2: Select the "SMTP" tab from the left menu.

Step #3: Select the "RBL Server List" link in the bottom right.

Step #4: Enter bl.spamcop.net "See http://spamcop.net/bl.shtml" into the text field, and push "Update". (Notes in quotation marks are included in the bounce message and can be customized to each server. I've included a suggested wording.)

Step #5: Select the "SMTP" tab again from the left menu.

Step #6: Tick the "Use Blacklist DNS Server(s)" option in the bottom-center, and click "Update".

You're done!

Thanks to Pete Stephenson for these instructions.

1. Go into "acl_check_rcpt:"
2. Add:
   deny message = DNSBL listed at $dnslist_domain\n$dnslist_text
   dnslists = sbl.spamhaus.org:bl.spamcop.net:cbl.abuseat.org

The 'message' is what's sent in the SMTP error message to the client, and the
'dnslists' field is a colon seperated list of DNSBL zones.