• Home
• About
• Usage
• Removal
• Stats
• Subscription

Configuring SpamRATS on Postfix

To see if you qualify for free usage of the SpamRATS Reputation lists, please review our Terms of Service.

For deeper insight into what the SpamRATS RBLs are about, check out our whitepaper.

How to configure SpamRATS RBLs on Postfix MTA

Postfix can be configured to check the IP address of incoming messages with the SpamRATS RBL. This can be done with the smtpd_recipient_restrictions parameter found in the main Postfix configuration file. Usually this file is located at /etc/postfix/main.cf. If the smtpd_recipient_restrictions parameter does not already exist in the file, you will have to add it.

For example using the individual SpamRATS RBLs:

smtpd_recipient_restrictions =
      ...
      reject_rbl_client noptr.spamrats.com,
      reject_rbl_client spam.spamrats.com,
      reject_rbl_client dyna.spamrats.com,
      ... 

NOTE: Do NOT use the RATS-Auth return code for Inbound Email!

How to configure SpamRATS RBLs on Plesk (with Postfix MTA)

In cases where Postfix is used with a Plesk web panel, the SpamRATS RBLs can be configured by running the following terminal commands as root:

      plesk bin mailserver --add-maps-zone dyna.spamrats.com
      plesk bin mailserver --add-maps-zone noptr.spamrats.com
      plesk bin mailserver --add-maps-zone spam.spamrats.com

These commands will modify your "main.cf" ( smtpd_client_restrictions = ... ) from Postfix with the desired maps-zones, which Plesk will never change in case of any updates or patches, because your modification is as well stored in Plesk database table "ServiceNodeConfiguration".

Afterwards, you will need to ensure that that the "DNS blackhole" protection is enabled:
Plesk Admin Panel >> Tools & Settings >> Mail Server Settings >> Settings
  Turn on spam protection based on DNS blackhole lists

How to configure SpamRATS Authentication RBL on Postfix

Postfix can be configured to check the connecting IP address to the submission port (587) with the SpamRATS RBL. This can be done by configuring the submission service line found in the master Postfix configuration file. Usually this file is located at /etc/postfix/master.cf. If the submission service line does not already exist in the file, you will have to add it.

submission inet n       -       y       -       - smtpd
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_delay_reject=no
      -o { smtpd_client_restrictions = reject_rbl_client auth.spamrats.com=127.0.0.43, permit }
      -o { smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject }

Warning: Please remember that you will NOT be able to use public DNS servers to query our data. You will need your own DNS servers in place that clearly identifies who is making the query before we can allow you access to the SpamRATS DNSBL Public Mirrors. With a subscription, there are alternative ways to get data.

Blocked Users

You may find that your ability to query the SpamRATS DNSBL Public Mirrors has been restricted. This could be due to the usage not falling within our Terms of Service. Before restricting any queries we try to reach out via email. Please check to see if you received an email from sales@mthreat.com at your public email address. If you have received the message, please reply to it.

If you would like to continue using the SpamRATS RBLs, please contact us and include the IP(s) that you used to query in your email.

Go back to Usage page

---

Many thanks to our Sponsors, Subscription Holders, Users and Contributors.