How to add new real-time blacklists (RBLs) to Endian Firewall 2.1.2

Posted by on Feb 6, 2008 in Endian Firewall | 0 comments

One of the great things about Endian Firewall is the ability to use real-time blacklists (RBLs) to keep spammers off your mail server.

Endian Firewall 2.1.2 ships with a number of good RBLs. I’ve seen good results with Spamcop and the Spamhaus Zen list.

I wanted to add the Passive Spam Block List, but it is not an option in the Endian UI. Here is how I did it:

1. Log in to the shell as root. You can do this via SSH or by logging into the console.

2. Move to the /var/efw/smtpd/default directory

3. Edit the file RBL. I would not recommend removing any entries, only adding new ones. I don’t know how Endian works behind the scenes and wouldn’t want to break it.

The format is pretty simple:

RBL url|RBL name|<IP or DOMAIN>|Link url|

I’m not totally positive about the RBL url coming first or the name coming first. It is safest just to use the same value for both fields.

So an entry for the psbl.surriel.com looks like:

psbl.surriel.com|psbl.surriel.com|IP|http://psbl.surriel.com

After I edited the file RBL, it showed up the next time I went to the Endian administration site.

Here is a screenshot of the newly added real-time blacklist in the Endian Firewall UI:

Endian Firewall with newly added real-time blacklist - screenshot

I chose the Passive Spam Block list because of the excellent review it received.

The review site seems to be a good resource for evaluating the usefulness of RBLs.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>