An RBL(Real-time Blacklist), also known as a DNS-based blacklist (DNSBL), is a spam-fighting tool that maintains lists of IP addresses associated with spam-related activities. These blacklists are used by email servers to filter out spam messages before they reach users’ inboxes.
When an email server receives an incoming message, it checks the source IP address against various RBLs. If the IP address is listed on one or more RBLs, the server is more likely to block or flag the message as spam.
Here are examples of domains maintaining a list of blacklisted IPs.
- all.rbl.skudonet.com
- dnsbl.spamhaus.org
- bl.spamcop.net
- b.xbl.org
- rsbl.mail-abuse.org
- pbl.spamhaus.org
When an email server wants to check an IP address against an RBL, it will reverse the source IP address and append it to the RBL domain. For example, to check the IP address 192.168.1.100 against the SKUDONET RBL, the email server would query 100.1.168.192.all.skudonet.com
If the IP address is listed on the RBL, the Email server will return a positive response. This tells the email server that the IP address is known to be a spam source, and it will either block the message or flag it as spam.
The image below shows a list of RBL rules you can use to protect your email servers against email spammers.
The RBL rules list includes the following fields:
- Name: A unique name for the rule.
- Only Logging: When enabled, the rule does not block any traffic, but it does write logs to the syslog server.
- Farms: A list of farms to which the rule is applied.
- Status: Indicates whether the rule is Enabled or Disabled. Green for Enabled, while Red for Disabled
- Actions: Allows you to edit, start/stop, or delete the rule.
