This is a very simple setup for those who have a lab environment that they do not want connected to the public Internet during testing.
The way a DNSBL works is that when a connection is made to your mail server, the server takes the client's IP address, reverses its octets, appends the blacklist domain, and does a DNS A or TXT record lookup for that name.
For example, if a spammer's IP is 10.4.17.108, and you are using spam.list.com as your DNSBL site, your MTA will do a query for 108.17.4.10.spam.list.com. If the query returns an answer, it means that the IP address is listed in the blackhole list and that mail should be rejected.
So the first thing you will need to do is set up a simple DNS server. You can find out how to do that by consulting the DNS & Bind book or http://docs.sun.com/db/doc/816-7511 or various other sources.
Then, you need to set up a zone. Here's a sample:

# cat /var/named/spam.list.com
$TTL 86400
@       1D IN SOA   @ root (
                    42      ; serial
                    3H      ; refresh
                    15M     ; retry
                    1W      ; expiry
                    1D )    ; minimum
        NS      localhost.
        A       10.4.16.11

; entry for the listed client 10.4.17.108 (octets reversed)
108.17.4.10     IN A    127.0.0.2
108.17.4.10     IN TXT  "10.4.17.108 is listed in spam.list.com"
With this in place, all you need to do is set up your MTA to use spam.list.com for DNSBL calls.
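
Before pointing the MTA at the zone, it helps to confirm that the owner names in the zone file match what the MTA will actually query. The following is an added example, not part of the original article: it builds the lookup name for a client IP and checks it against the two data records from the sample zone. The function names are assumptions, and the IPv6 branch goes beyond the IPv4 case the article covers.

```python
import ipaddress

ZONE = "spam.list.com"  # DNSBL zone name used in the article

# Constructed sample: the two data records for the listed lab address.
SAMPLE_RECORDS = """
108.17.4.10 IN A   127.0.0.2
108.17.4.10 IN TXT "10.4.17.108 is listed in spam.list.com"
"""

def dnsbl_name(ip, zone=ZONE):
    """Return the name an MTA looks up for a connecting client IP."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))   # octets, reversed
    else:
        # Generalization beyond the article: IPv6 uses one label per
        # hex nibble of the full address, reversed (RFC 5782).
        labels = reversed(addr.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone

def load_records(text, zone=ZONE):
    """Parse 'owner IN TYPE rdata' lines into {fqdn: {TYPE: rdata}}."""
    table = {}
    for line in text.splitlines():
        parts = line.split(None, 3)
        if len(parts) < 4 or parts[0].startswith(";"):
            continue  # blank line, comment, or not a data record
        owner, _cls, rtype, rdata = parts
        # Relative owner names get the zone appended, as named does.
        fqdn = owner.rstrip(".") if owner.endswith(".") else owner + "." + zone
        table.setdefault(fqdn.lower(), {})[rtype.upper()] = rdata.strip().strip('"')
    return table

def check(ip, records, zone=ZONE):
    """Mimic the MTA decision: any A answer means the IP is listed."""
    entry = records.get(dnsbl_name(ip, zone), {})
    return "A" in entry, entry.get("A"), entry.get("TXT")

if __name__ == "__main__":
    records = load_records(SAMPLE_RECORDS)
    for ip in ("10.4.17.108", "10.4.16.11"):
        print(ip, dnsbl_name(ip), check(ip, records))
```

An unlisted address returning no record is the expected negative case; a zone entry written with the octets in forward order would make every lab test come back unlisted.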