Today, Mark E. Jeftovic of EasyDNS warned readers of the Mailop list that it is unwise to use the DNSBL "rbl.orbitrbl.com" due to a combination of abandonment and administrative issues.
He writes: "As some of you may know, we recently took over ZoneEdit.com and it's customer base.
We've found a domain on the system: rbl.orbitrbl.com which is delegated to zoneedit nameservers, broken (it is not allowed to zone transfer from it's designated master), unresponsive (account owner is not answering email, has an address in Sri Lanka and no telephone number), is using excessive queries (~ >500M queries per day on a "free dns" domain) and attracting repeated, multiple DDoS attacks.
As such, we will be wildcarding this zone and setting a long TTL fairly soon.
If you're actually using this RBL in your MTAs, now's a good time to stop. (this RBL is broken on 5 out of it's 6 delegated nameservers across 3 separate providers)."
All about DNSBLs, aka blocklists/blacklists // Since 2001 // Published by Al Iverson
Thanks for visiting! Remember that nowadays, (most) blocklists don't really govern deliverability and inbox placement. Want to learn more about email marketing best practices, email technology, and deliverability troubleshooting? Then you'll want to check out my other site, Spam Resource. |
Status of dnsbl.ahbl.org: SHUTTING DOWN
On March 26, 2014, DNSBL administrator Brielle Bruns announced that the Abusive Hosts Blocking List DNSBLs are to be shut down.
In email to me, she explained:
I've known Brielle for many years and my interactions with her have been universally positive. Congratulations on a long eleven year run with AHBL, and I hope whatever she works on next is something she finds fun and fulfilling.
In email to me, she explained:
"After quite a bit of thought and consideration, I've decided that it is time to wind down some of the AHBL's public DNSbl services - specifically the dnsbl, ircbl, and rhsbl.
We've had a good 11 year run with the lists. Times have changed -- with the deployment of IPv6 moving full speed ahead, I don't feel that the current implementation of our DNSbl services are suited to the task.
This doesn't mean that the AHBL is going away - we'll still be around, just focusing our efforts on a mix of other anti-abuse related things and a relaunch of the RHSbl (likely in 2-3 months, possibly sooner).
I look forward to continuing to work with the community, and appreciate and value the feedback I've received over the years."As a result, the lists dnsbl.ahbl.org, ircbl.ahbl.org and rhsbl.ahbl.org, and associated public look up tools are being retired.
I've known Brielle for many years and my interactions with her have been universally positive. Congratulations on a long eleven year run with AHBL, and I hope whatever she works on next is something she finds fun and fulfilling.
Status of dnsblchile.org: ALIVE
DNSBL Chile, created in 2011, appears to be a Chilean homegrown effort to tackle spamblocking from a local perspective. As they explain on their website: "Existing DNSBL services aim to block spam based on the type and origin affecting certain types of user. Chilean spam is generally ignored by these DNSBLs, mainly because of the language barrier. This raises the need for a specific DNSBL for Chile, which is able to investigate cases of spam in South-American Spanish."
The DNSBL zone is just "dnsblchile.org" and they report a few different types of responses: 127.0.0.2 and 127.0.0.3 for "verified spam sources," 127.0.0.5 for "verified scam sources," and 127.0.0.10 and 127.0.0.11 for DUL/PBL-like dynamic/"should not be running an MTA" entries.
I don't know much about this list in particular but it's always nice to see somebody attempt to address a previously segment or region's spam problem. If you have any thoughts or details around this list, don't hesitate to drop me a line.
(Crappy translation above courtesy of my high school Spanish + a little help from Google Translate.)
The DNSBL zone is just "dnsblchile.org" and they report a few different types of responses: 127.0.0.2 and 127.0.0.3 for "verified spam sources," 127.0.0.5 for "verified scam sources," and 127.0.0.10 and 127.0.0.11 for DUL/PBL-like dynamic/"should not be running an MTA" entries.
I don't know much about this list in particular but it's always nice to see somebody attempt to address a previously segment or region's spam problem. If you have any thoughts or details around this list, don't hesitate to drop me a line.
(Crappy translation above courtesy of my high school Spanish + a little help from Google Translate.)
Status of APEWS: ????
Long-standing (though not very accurate) blocking list APEWS seemed to be down for the count. Their website at www.apews.org has been down since March 15th, according to David Ritz.
My recommendation to mail administrators is to stop using APEWS. But then again, was anybody using APEWS recently, anyway?
For history's sake, here's a link to the article I published long ago, explaining what to do if you find yourself listed by APEWS.
APEWS was previously down for three weeks in August, 2010.
Update: APEWS appears to have returned somewhere around May 1st, 2013.
It goes down, it comes back up, it goes down again, it comes back up again. At this point I think we'll just call it a status of "?????"
My recommendation to mail administrators is to stop using APEWS. But then again, was anybody using APEWS recently, anyway?
For history's sake, here's a link to the article I published long ago, explaining what to do if you find yourself listed by APEWS.
APEWS was previously down for three weeks in August, 2010.
Update: APEWS appears to have returned somewhere around May 1st, 2013.
It goes down, it comes back up, it goes down again, it comes back up again. At this point I think we'll just call it a status of "?????"
Status of spamtrap.trblspam.com: DEAD
The DNSBL spamtrap.trblspam.com appears to have gone offline as of April 2, 2013. It appears to have been created in early 2011 by somebody known as "Tom from TRBL," whom I observed participating in various email discussion lists. I've emailed Tom and will update this page if I receive any further details.
I recommend removing spamtrap.trblspam.com from any blocklist checking you're doing. Any time a list is shut down, there's a chance that they will end up putting in a wildcard DNS record, which ends up effectively "listing the world" and causing problems for any receiving sites who still have that DNSBL configured in their mail server configuration.
(Thanks to Martijn Grooten for the heads up.)
I recommend removing spamtrap.trblspam.com from any blocklist checking you're doing. Any time a list is shut down, there's a chance that they will end up putting in a wildcard DNS record, which ends up effectively "listing the world" and causing problems for any receiving sites who still have that DNSBL configured in their mail server configuration.
(Thanks to Martijn Grooten for the heads up.)
Subscribe to:
Posts (Atom)