Menu

Main Page

SPEWS FAQ

SPEWS News

Using SPEWS

Simple Doublecheck

Email Filtering

Packet Reject

DNS Deny

HTTP Reject

DSBL

ORDB

SORBS

Easynet

Osirusoft

Dorkslayers

Spamhaus Block List

Unsecured Proxies List

Others

Brightmail

Cloudmark

SpamBouncer

Declude

Praetor

Vamsoft ORF

BCware NoSPAM

SpamAssassin

CommuniGate

MessageWall

Nexor Mailer

VOP Mail Filter

XWall

IronMail

Postini

Power Tools

MDaemon

Merak Mail Server

Clearswift SpamActive

CanIT

SurfControl

SAproxy

eSafe

GFI MailEssentials

Spamhaus

Spamsites

Samspade

SpamCop

Netdemon

OpenRBL

Cauce

Spamlaws

Spam Cases

FTC.gov/spam

Suespammers

AboutSpam

Anti-spam FAQ

SpamFAQ

Abuse Net

Spam Links

NANAE Archive

Email Filtering

Until recently, only individuals, companies, or internet service providers who ran their own mailservers were able to use the methods documented below to filter with SPEWS. Email users who did not have this capability, but had access to a "shell" account, could use SpamBouncer for an alternative method of filtering using DNS lookups and SPEWS.

Now there are new methods being provided to people using the Windows^® operating system to filter on an individual basis. Check this link to learn about client-side POP email filtering options.

We also recommend that all people bothered by spam contact their internet service providers and request they add some sort of filtering or spam-tagging to their incoming email systems. Several spam filtering choices are listed and discussed on the SPEWS FAQ page.

DNS lookup based filtering

The preferred way to automatically use the SPEWS list to filter email is by using a DNS query based system (DNSBL). This works by taking the IP address of the incoming email server (the SMTP mailserver talking to your mailserver) and checking it against a DNS zone version of the SPEWS list. If the IP address is found, your mailserver can either discard the email, bounce it back to the sender, or tag it as possible spam.

SPEWS does not provide a publicly available zone to query. The easiest way to use the SPEWS list this way is to use the DNS lookup based filtering provided by Relays.Osirusoft.com (free), or spews.bl.reynolds.net.au (free, after registration) the SPEWS Level 1 data (see FAQ) is included in their free to use multi-zone spam prevention databases. Although we highly recommend using every zone they offer to filter with, you can, if you wish, DNS test against the SPEWS zone only. Access it via the "reversed IP" lookup standard (as used with all MAPS type lookups):

a.b.c.d.spews.relays.osirusoft.com

2.0.0.127.spews.relays.osirusoft.com

Other systems may soon follow and offer this zone for DNS lookups. SPEWS does welcome offers and notifications posted to the normal email abuse forums.

This DNS lookup system is the same one used to query open-relay advisory lists such as ORDB. One can use the same methods they recommend to implement SPEWS filtering from any DNSBL system that provides it. Newer versions of popular mailserver software (Exim, Sendmail, Postfix, etc) normally require only a simple change to a configuration file.

The fastest way to use SPEWS via DNS lookup is to set up ones own DNS server and mirror one of the DNS systems that include SPEWS. This way queries can take place locally and greatly accelerate the checking of incoming SMTP IP addresses. A very simple and fast system can be created using the tinydns or rbldns DNS servers and SPEWS data compiled into a compatible format located at spfilter.sourceforge.net.

Mailserver based filtering

If one does not have a way to do DNS queries of a DNSBL system that includes SPEWS data, one can still use the list. This involves configuring ones mailserver's "access" or "deny" files with the data in the format they require. Several popular mailserver file formats are created and provided by spfilter.sourceforge.net. One must remember that the SPEWS data is not a static list, but is updated on a regular basis. Proper use of the list requires that users keep downloading and using the latest version. This procedure should, in most cases, be automated.