The "No More Funn" blocking list (DNSBL zone no-more-funn.moensted.dk) was run by a gentleman from Denmark using the alias dr. Jørgen Mash. First observed in 2002, listing criteria included spam sources, IP address ranges that appeared dynamic, bulk mailers not required confirmed opt-in (double opt-in) and more. It was easy for email service providers (ESPs) to end up listed there, and ESP clients would often ask about those listings because they would show up in DNSBL lookups, though it's not clear that the list was widely used for spam blocking.
At some point in 2012, the list was taken offline. At the end of 2015, the website reports that the list is still offline. Thus, I'm going to call this one "dead."
All about DNSBLs, aka blocklists/blacklists // Since 2001 // Published by Al Iverson
Thanks for visiting! Remember that nowadays, (most) blocklists don't really govern deliverability and inbox placement. Want to learn more about email marketing best practices, email technology, and deliverability troubleshooting? Then you'll want to check out my other site, Spam Resource. |
What is blacklist.zap?
Here's a blast from the past: Remember blacklist.zap?
There were various "blacklist.zap" lists and they were all indicative of blocking when sending to mailboxes hosted behind "FrontBridge" anti-spam and security protection:
There were various "blacklist.zap" lists and they were all indicative of blocking when sending to mailboxes hosted behind "FrontBridge" anti-spam and security protection:
- The list 85.blacklist.zap specifically referred to FrontBridge's use of the Composite Blocking List (CBL). If you were blocked by 85.blacklist.zap, it meant that your sending IP address was listed on the CBL.
- The list 86.blacklist.zap specifically referred to FrontBridge's use of the Spamhaus Block List (SBL). If you were blocked by 86.blacklist.zap, it meant that your sending IP address was listed on the SBL.
- The list 87.blacklist.zap specifically referred to FrontBridge's use of the Spamhaus Exploits Block List (SBL). If you were blocked by 87.blacklist.zap, it meant that your sending IP address was listed on the XBL.
- The list 88.blacklist.zap specifically referred to FrontBridge's own internally-generated blacklist of sending IP addresses noted to be spammy, usually based on a high percentage of mail from that IP address being denoted as spammy.
FrontBridge was later acquired by Microsoft and I think it's been a long time since anybody has seen blacklist.zap blocking in a bounce message, but I thought it would be good to keep a record of this for posterity's sake.
Status of dnsbl.burnt-tech.com: DEAD
Uh-oh! On or about September 19th, the domain burnt-tech.com seems to have expired. Now when you visit the website, you are informed that the domain is for sale. Also, you'll now find a wildcard A record in DNS, meaning that any lookup of any host name in DNS under burnt-tech.com will result in a positive response being returned.
The net result here is that due to the domain now having a wildcard A record, any users of the Burnt Tech DNSBL now find that they are blocking all inbound mail. If you were using the dnsbl.burnt-tech.com blocking list to filter inbound spam, you'll need to remove it from your mail server or spam filter configuration immediately, as it is going to impede your ability to receive any mail.
Reviewing Internet Archive versions of the Burnt Tech DNSBL website, it appears that the list has been in action since at least 2006. From a 2015 archived copy of the website: "The Block List runs entirely automated and designed to avoid listings of spamtrap hits due to bounces of forged spam, virus bounces, and "real" mail servers emitting the occasional spam. It tries very hard to avoid listing legitimate mail sources. It does not attempt to list every possible spam source."
No other information was available regarding ownership, listing criteria or history of this DNSBL.
(H/T: Matthew Vernhout)
The net result here is that due to the domain now having a wildcard A record, any users of the Burnt Tech DNSBL now find that they are blocking all inbound mail. If you were using the dnsbl.burnt-tech.com blocking list to filter inbound spam, you'll need to remove it from your mail server or spam filter configuration immediately, as it is going to impede your ability to receive any mail.
Reviewing Internet Archive versions of the Burnt Tech DNSBL website, it appears that the list has been in action since at least 2006. From a 2015 archived copy of the website: "The Block List runs entirely automated and designed to avoid listings of spamtrap hits due to bounces of forged spam, virus bounces, and "real" mail servers emitting the occasional spam. It tries very hard to avoid listing legitimate mail sources. It does not attempt to list every possible spam source."
No other information was available regarding ownership, listing criteria or history of this DNSBL.
(H/T: Matthew Vernhout)
Status of truncate.gbudb.net: ALIVE
The "Truncate" DNSBL (zone truncate.gbudb.net) lists IPv4 addresses that have been observed transmitting "email containing spam, scams, viruses, or other malware based on statistics in the global GBUdb network." This "Good, Bad, Ugly database (GBUdb)" is a "real-time collaborative IP reputation system," based on statistics collected by email threat protection software Message Sniffer.
If you're listed on the Truncate DNSBL, can you request removal? No, explains the website. IP addresses are removed automatically, usually within a couple of days of the bad activity having ceased. They warn, however, that in some instances, if enough bad activity was denoted, it may take longer for an IP address to automatically disappear from their list.
Have any more information you'd like to share about this blocking list? Please feel free to contact me and I'll be happy to update this page with your additional information.
If you're listed on the Truncate DNSBL, can you request removal? No, explains the website. IP addresses are removed automatically, usually within a couple of days of the bad activity having ceased. They warn, however, that in some instances, if enough bad activity was denoted, it may take longer for an IP address to automatically disappear from their list.
Have any more information you'd like to share about this blocking list? Please feel free to contact me and I'll be happy to update this page with your additional information.
Status of dul.ru: DEAD
As noted by participants of the SDLU mailing list, the Russian Dial-up User List at the domain dul.ru is no more.
The Russian Dial-up User List website is no longer to be found at dul.ru; when you visit that domain you find a simple Russian-language "this domain is for sale" page.
As of May 19, 2015, this domain seems to have been set to "wildcard" status in DNS. This means that DUL.ru is effectively "listing the world;" any site still using the DUL.ru DNSBL zone will reject all inbound mail until this DNSBL is removed from that mail server's configuration.
The Russian Dial-up User list appears to have been a dialup or dynamic blocking list. The intent of this type of anti-spam tool is usually to block SMTP connections from hosts that aren't typically expected to be running mail services.
H/T: Neil Schwartzman
The Russian Dial-up User List website is no longer to be found at dul.ru; when you visit that domain you find a simple Russian-language "this domain is for sale" page.
As of May 19, 2015, this domain seems to have been set to "wildcard" status in DNS. This means that DUL.ru is effectively "listing the world;" any site still using the DUL.ru DNSBL zone will reject all inbound mail until this DNSBL is removed from that mail server's configuration.
The Russian Dial-up User list appears to have been a dialup or dynamic blocking list. The intent of this type of anti-spam tool is usually to block SMTP connections from hosts that aren't typically expected to be running mail services.
H/T: Neil Schwartzman
Subscribe to:
Posts (Atom)