How do I configure my Cisco Email Security Appliance (ESA) to query public DNS-based Block Lists (DNSBL)?
PDF(6.3 KB) View with Adobe Reader on a variety of devices
Updated:August 12, 2014
Blacklists or DNS-based Block Lists (DNSBL) are lists of IP addresses used by known spammers. With AsyncOS for Email, you have the ability in a listener's HAT to define a sender group as matching a query to a specific DNS List server. The query is performed via DNS at the time of the remote client's connection.
The ability to query a remote list also exists currently as a message filter rule
This mechanism allows you to configure a sender within a group that queries a DNS List so that you can adjust your mail flow policies accordingly. For example, you could reject connections or limit the behavior of the connecting domain.
The 'dnslist' mechanism(in each Sender Groups' settings page) allows you to add a sender within a Sender Group that will query a DNS List.
Note: Be sure to include brackets in the query in the CLI. Brackets are not necessary when specifying a DNS List query in the GUI. Use the 'dnslistconfig' command in the CLI to test a query, configure general settings for DNL queries, or flush the current DNS list cache.