How to Set Up DNS Blacklisting in a Lab Environment for Testing

This is a very simple setup for anyone whose lab environment should not be connected to the public Internet during testing.

Some background:

The way DNSBL works is that when a connection is made to your mail server, the server takes the client's IP address, reverses it, appends a domain to it, and does a DNS A or TXT record lookup for that name.

For example, if a spammer’s IP is, and you are using as your DNSBL site, your MTA will do a query for If the query returns positive, it means that the IP address is listed in the blackhole list and that mail should be rejected.

So the first thing you will need to do is set up a simple DNS server. You can find out how to do that by consulting the DNS & BIND book or various other sources.

Then, you need to set up a zone. Here's a sample:
# cat /var/named/
$TTL 86400 
@ 1D IN SOA @ root (
  42 ; serial
 3H ; refresh
 15M ; retry
 1W ; expiry
 1D ) ; minimum
NS localhost.
 A IN A IN TXT " is listed in"
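
The name construction described in the background section, and the A and TXT records a zone like the sample needs, can be generated and checked offline. This is an added example, not code from the original post. The zone name dnsbl.lab.test, the 127.0.0.2 answer, the test addresses and all function names are assumptions; it also goes beyond the IPv4 case by handling IPv6 nibble reversal.

```python
import ipaddress

ZONE = "dnsbl.lab.test"  # constructed lab zone name (assumption, not from the page)
LISTED = "127.0.0.2"     # conventional "listed" answer (RFC 5782); assumption here
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_name(ip, zone=ZONE):
    """Name an MTA queries: reversed IPv4 octets (or IPv6 nibbles) + zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")
    else:
        labels = list(addr.exploded.replace(":", ""))  # 32 hex nibbles
    return ".".join(reversed(labels)) + "." + zone


def zone_records(ips, zone=ZONE):
    """Render A and TXT record lines for each test IP, relative to the zone origin."""
    lines = []
    for ip in ips:
        owner = dnsbl_name(ip, zone)[: -len(zone) - 1]  # drop ".zone" suffix
        lines.append(f"{owner} IN A {LISTED}")
        lines.append(f'{owner} IN TXT "{ip} is listed in {zone}"')
    return lines


def check(ip, records, zone=ZONE):
    """Simulate the MTA decision against an in-memory {name: A value} table."""
    answer = records.get(dnsbl_name(ip, zone))
    # No record (NXDOMAIN) means not listed; an answer outside 127.0.0.0/8
    # is not a valid DNSBL return code and is not treated as a listing.
    listed = answer is not None and ipaddress.ip_address(answer) in LOOPBACK
    return "reject" if listed else "accept"


if __name__ == "__main__":
    test_ips = ["192.0.2.25", "2001:db8::1"]  # constructed documentation addresses
    print("\n".join(zone_records(test_ips)))
    table = {dnsbl_name(ip): LISTED for ip in test_ips}
    for ip in test_ips + ["192.0.2.26"]:
        print(ip, "->", check(ip, table))
```

The printed record lines are relative owner names, so they belong in the zone file for the same zone name passed to the functions.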

With this in place, all you need to do is set up your MTA to use for DNSBL calls.
