To see if you qualify for free usage of the SpamRATS Reputation lists, please review our Terms of Service.
For deeper insight into what the SpamRATS RBLs are about, check out our whitepaper.
SpamRATS IP Reputation lists are purposed to be used strictly for mail servers, unless otherwise noted. Also, it should be used to check the IP of the remote connecting server (viz. the IP of the external server that connects to your mail server).
It is NOT recommended to use SpamRATS in any other way. This includes:
If you utilize SpamRATS in any of the above ways, or for a non-mail server, you will run the risk of affecting legitimate traffic. SpamRATS is not responsible for the inability of Users to access services due to the above reasons.
SpamRATS IP Reputation lists are very simple and easy to use. You can access our public lists just like any other RBL. Most mail servers support this functionality.
For filtering inbound email, the following lists should be used:
For protection against suspicious logins:
RATS-Auth can be used to block ANY authentication attempts, whether SMTP, IMAP, POP, or even other services such as SSH or XMPP. It is not strictly limited to mail servers.
Alternatively you can also perform a single query to our RATS-All RBL instead of making a separate query for each SpamRATS RBL. One query can provide you with the information on whether it is listed in one of the above RBLs. This reduces the bandwidth usage and latency on both sides.
Postfix can be configured to check the IP address of incoming messages with the SpamRATS RBL. This can be done with the smtpd_recipient_restrictions parameter found in the main Postfix configuration file. Usually this file is located at /etc/postfix/main.cf. If the smtpd_recipient_restrictions parameter does not already exist in the file, you will have to add it.
For example using the individual SpamRATS RBLs:
smtpd_recipient_restrictions = ... reject_rbl_client noptr.spamrats.com, reject_rbl_client spam.spamrats.com, reject_rbl_client dyna.spamrats.com, ...
or alternatively using the consolidated SpamRATS RBL:
smtpd_recipient_restrictions = ... reject_rbl_client all.spamrats.com=127.0.0.37, reject_rbl_client all.spamrats.com=127.0.0.38, reject_rbl_client all.spamrats.com=127.0.0.36, ...
NOTE: Do NOT use the RATS-Auth return code for Inbound Email!
Postfix can be configured to check the connecting IP address to the submission port (587) with the SpamRATS RBL. This can be done by configuring the submission service line found in the master Postfix configuration file. Usually this file is located at /etc/postfix/master.cf. If the submission service line does not already exist in the file, you will have to add it.
submission inet n - y - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_delay_reject=no -o { smtpd_client_restrictions = reject_rbl_client auth.spamrats.com=127.0.0.43, permit } -o { smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject }
You may find that your ability to query the SpamRATS DNSBL Public Mirrors has been restricted. This could be due to the usage not falling within our Terms of Service. Before restricting any queries we try to reach out via email. Please check your public facing contact email addresses for an email from sales@spamrats.com and reply to it.
If you would like to continue using the SpamRATS RBLs, please contact us and include the IP(s) that you used to query in your email.