You've signed up for the Spamhaus Data Query Service (DQS), made a coffee, tinkered under the hood of your email server, made some changes to your configuration, and "tada" our DNSBLs should be protecting your emails. BUT...what if there was a small error in that config? That's not a problem; there's now a tool to test if your email servers have the correct configuration to use the Spamhaus blocklists.

Way back last century

Many moons ago, in 1999, Russ Nelson designed a tool to test DNS-based spam blocks on www.crynwr.com. This tool worked for IP-based blocklists at the SMTP level, with users interacting through email or telnet. However, the Crynwr tester was retired in 2019.

Meet the Blocklist Tester

The Spamhaus Blocklist Tester (BLT) builds on Russ Nelson’s concept, but it also tests domain and hash blocklists alongside message content in addition to IP blocklists. This is all done via a simple-to-use website interface.

How does the BLT work?

The BLT attempts to deliver emails to your server by connecting from internet resources listed in our blocklists, e.g., IP addresses. The anticipated outcome is that your email server should reject all these emails – well, there are some exceptions to that rule, but we’ll come to that later.

You can perform two types of tests either individually or together, although we recommend running the SMTP test initially:

  • SMTP tests – these test SMTP-level filtering, where rejections to malicious emails are made before they can be delivered.
  • Content tests – these are based on the content scanning of email headers and bodies. Where your system configuration is set to reject based on content, this tool will classify the results as for the SMTP tests. However, (and here’s the exception we referred to earlier) if your system set up tags potentially malicious messages and/or delivers them into a particular folder, then you will need to check that these emails have been processed as you would expect.

After undertaking a test, which you can run for either the Data Query Service or the Public Mirrors, a full report is displayed, showing the result of every test email sent:

Where there are issues and emails have been delivered that shouldn’t have been, you can click through to get a full report of the SMTP exchange to assist with troubleshooting:

How to use the Blocklist Tester

We’ve tried to make this tool simple to use while providing as much information as possible to help you resolve any issues you might be experiencing with your set up.

1. Registration

  • Go to the home page, enter the email address for the server you want to test, and click “Access Portal.”
  • The BLT will execute an MX Probe test. The probe sends the following SMTP commands but does not deliver an email: EHLO, MAIL FROM, RCPT TO, QUIT.
  • If the MX Probe can confirm that the host is responsive and accepting messages for the email address, the outcome is “good,” and we send a verification email to your registered email address.
  • The verification email contains a link to log in. You can use this link to access the portal as many times as you want.
  • If you aren’t receiving a verification email, we provide some diagnostics of the MX Probe test we’ve performed. To view these, click ‘View delivery details.”

2. Testing

  • Once you’ve accessed the test page, you can run tests on either the Data Query Service or the Public Mirrors.
  • Select which of the following tests you would like to complete: SMTP test emails, Content test emails, or both, and click on “Run Test.”
  • The DNS mail exchanger (MX) records identify the servers which accept mail for a domain. The BLT finds all MX hosts for the email address and repeats the same test sequence for each one.

3. Reports

  • The “Blocklist test report” will take some time to complete. However, you can see each test email result update in real time.
  • Where you want further detail on a result, click on the icon, and this will take you to the “Test email” page, which outlines the SMTP exchange for that particular test.

We hope you find this tool helpful.

As always, we’d love to hear your feedback on it via the contact form in the Blocklist Tester.

Happy testing.

 

 

Related products

The Blocklist Tester

To ensure our DNSBLs protect your email stream, a simple tool is available called the Blocklist Tester. It’s quick and easy to use; once you have verified an email address associated with your email server, test emails are sent. These emails contain resources listed on our blocklists and should be rejected.

Once the test is complete, a full detailed report is available, and the SMTP exchange of each email sent is available to help you understand where any problems may lie in your configuration.

  • It's free to use for any Spamhaus DNSBL user
  • Multiple test scenarios - SMTP, content or both
  • Detailed test reports for troubleshooting

Data Query Service (DQS)

Spamhaus’ Data Query Service (DQS) is an affordable and effective solution to protect your email infrastructure and users.

Using your existing email protection solution, you will be able to block spam and other related threats including malware, ransomware, and phishing emails.

The service has never failed and utilizes the longest established DNSBLs in the industry.

  • Proactive & preventative
  • Save on email infrastructure & management costs
  • Actionable

Resources

Busting Blocklist Myths

29 January 2021

Blog

There are various comments bandied about with some regularity relating to Domain Name System Blocklists (DNSBLs). So, we thought it was about time to provide some truths when it comes to blocklists and dispel these myths.

BEST PRACTICE | DNSBLs and email filtering – how to get it right

27 January 2021

Best Practice

There are multiple benefits to using blocklists, reducing infrastructure costs, and workforce hours to increasing catch rates. However, to get the most from DNSBLs, it's vital to use them at the right points in your email filtering process.

Email blocklists – buy cheap, buy twice!

29 October 2019

Blog

As IT budgets and resources are squeezed it's understandable to shop around, be it for hardware, software, or threat intelligence data, for that matter. But beware...not all email blocklists (DNSBLs) are equal.