Those services can be added via Exchange's GUI. In the version of 2003 it will be: "Exchange System Manager -> Global Settings -> Message Delivery -> Properties -> Connection Filtering". There's the list.
To know which server to addIn an email client open a spam email source code and/or look for the email's headers. Locate a "Received:" header line which contents the IP of the last SMTP node which sent this email to your server (usually it's one of the top header rows).
Open this site http://mxtoolbox.com/blacklists.aspx in a browser and enter that discovered IP from the headers in the query.
If the sender IP is listed on a DNSBL it knows, that will be shown.
Open the DNSBL web site and look for the DNSBL URI request suffix (can be tricky, but if the service is free it should be there somewhere).
For example, for the DNSBL service WPBL the URI will be db.wpbl.info
Using the Exchange GUI settings add this URI to the list.
Repeat those steps some more times to add the most efficient DNSBL filters to the list
Good DNSBL servers are: PSBL (psbl.surriel.com), Barracuda (b.barracudacentral.org), Spamhous (zen.spamhaus.org), MailSpike (bl.mailspike.net), etc.
False positiveBeware, if a DNSBL server lists a ligit SMTP service. Try to do the steps above, using some valid email senders IP. If you found a server is listed on a DNSBL, exclude that DNSBL from adding to the Exchange list.
These two services often give false positive blocking: Backscatterer (ips.backscatterer.org), Sorbs (spam.dnsbl.sorbs.net)
How to made a request manually.
Say, we want to check, is a sender with this IP 184.108.40.206 is blacklisted using the DNSBL service WPBL.
First, create a PTR-like notation of the IP address, i.e. reverse all the numbers. In this case it will be 220.127.116.11
Add it to the DNSBL URI suffix. Together it will be
Issue a DNS A request, like:
If the IP is listed, the result will be like
18.104.22.168.db.wpbl.info has address 127.0.0.2
If it's not, the request will return an error.
Some DNSBL servers could also code different meanings in the returned fictional address (i.e. the last number in the returned IP address tells the story). Look in server's home site for descriptions and more info.