Status of DEAD

There once was a DNSBL called Exactly when it was created is lost to the mists of time, but I'm guessing it was somewhere around the end of 2001 or beginning of 2002, after its maintainer, Derek Balling, parted ways with Yahoo. I recall that the point of the list was to be able to reject mail from Yahoo.

Today, reader John Carver kindly wrote in to let me know that this blocking list is indeed defunct and has "listed the world," installing a wildcard DNS record with the result that if you use in your mail server configuration, you're going to reject 100% of your mail. Query of any domain or IP address under will result in a "" positive response, that will make a mail server think it should reject the email message in question.

If you use as a DNSBL list in your mail server configuration, I strongly recommend you remove it immediately. The list is long dead, and use of the list will result in you accidentally rejecting 100% of inbound mail.

As recently as 2006, the DNSBL also responded with text warning that it was defunct: "521 The IP is Blacklisted by This zone has been deprecated for about two years. Maybe if it starts blocking your mail you'll notice and stop using it." This is no longer the case; the text record does not seem to be present.

See also the Ipswitch ImailServer knowledge base article on this topic.

Beware: "Fake" Blocking list at

Spamhaus reports that they have "uncovered a fake spam filter company which was pirating and selling DNSBL data stolen from major anti-spam systems including Spamhaus, CBL and SURBL, republishing the stolen data under the name ''"

Ouch. I guess if you publish a free or easily accessed spam filtering tool, it is inevitable that at some point somebody would try to take the data and repackage it against copyright and against the data owner's wishes.

If you find yourself listed on this blocking list; don't fret. If what Spamhaus says is true (and I have little reason to doubt them), then this list is not really being used to block email. (And should not be used to block email.) Ignore it, stay listed, and eventually they'll move on to easier targets.

If you're a system administrator, DO NOT use any of the DNSBL zones at for spam filtering purposes. As its intent may not be above-board, I would have strong concerns about the possibility of listing things only to engender a payment for delisting -- for reasons having nothing to do with spam fighting.

SURBL Announces New Experimental Blocking List

Today, the team behind the SURBL domain blaclists announced a new, experimental blocking list:

As announced on the SURBL-Announce list: "An experimental source of some snowshoe and pill domains is now being published in  SURBL considers this feed to be experimental and would very much welcome feedback about it, particularly about any false positives.  Does anyone know anyone who actually wants to receive snowshoe messages?"

You can read the entire announcement here.


As messaged to the Karmasphere-Users and Karmasphere-Announce mailing lists, the Karmasphere Reputation Services data feeds are being retired. This means that the associated blocking list(s), including the DNSBL zone, and any other DNSBL/DNSWL zones under It is unclear to the author if is similarly affected.

Karmasphere has indicated that the feed service will be discontinued on November 16, 2009. It's very important that all Karmasphere-using mail administrators remove any Karmasphere-hosted DNSBLs from their configuration before that date, else inbound receipt of legitimate email messages could be delayed or otherwise impacted.

For more information, click on over to Spam Resource to read a copy of the Karmasphere notice.

Status of DEAD

The DNSBLs were created in 2001 or 2002 by Sabri Berisha. The goal: To list "all known assigned IPv4 address space, by originating AS and by country. [This is based on] a full routing view is extracted daily from a router in the default free zone. The AS->country mapping is done via the statistics which are being provided by the four RIR's, ARIN, APNIC, LACNIC and RIPE."

Today, the website warns that the service is closed. Sabri notes that "[it has become] more and more difficult and time-consuming to maintain a trustworthy list I started to notice more and more errors. The list is no longer of the quality needed to use in a production environment."

The website warns that if DNS queries continue at a high level, the DNS servers are likely to be configured in a way that will cause 100% of inbound mail attempts to be rejected, for all mail servers still using This makes it imperative that you remove any zones from your mail server configuration, as soon as possible.

Status of DEAD

Created by Matthew Evans in 2002, the goal of the site was "to create (yet more) DNS blocklists of spammers, spam supporting ISPs, spamware hosts, dialup networks, and other notorious email abusers originating in the United States." Matthew published many different DNSBL zones, listing various countries, ISPs, netblocks, etc.

Status of DEAD

Scott Glassbrook writes: "I ran a dnsbl, many many years ago. I stopped the DNSBL back in June of 2006, and shut down the server it was running on. 

"Since that time, all queries to have timed out. I made an attempt to bring the domain name back up in 2008, only to find that people are still trying to query the domain name. [...] Because of that, I see no other option than to start returning positives for *any* query issued to, beginning 10/16/2009. If you happen to be trying to use a dead DNSBL, please update your mail server configuration."

Scott indicates that random mail administrators are still "pounding the hell" out of his DNSBL hundreds fo times per second, all day and all night, ever day. Not cool.

If you're still querying this DNSBL, it's important that you immediately remove it from your mail server configuration. As of October 16th, use of this DNSBL will result in you rejecting 100% of your inbound email.

Status of DEAD

As of July, it looks like a popular blocking list used in default SpamAssassin installations is no more. Users were reporting false positive issues, where every message checked by SpamAssassin would receive a score of 2.43, supposedly due to the sender being listed in the blocking list

The Open Whois list appears to have been created in 2007, with a goal of promoting transparency in domain registrations. According to the (now deceased) website, "It is a list of domains which are privately (or anonymously) registered, e.g. through services such as Domains By Proxy, or Moniker Privacy Protection."

As of July 18, 2009, it appears that a squatter has taken over the domain name. At first, the new owner of the domain used a "wildcard" DNS record, resulting in the return of a positive response for any DNS query. The net effect is that every domain checked against this blocking list results in a DNS response that makes your spam filter think that the domain is listed, usually incorrectly so.

Since the issue was first observed, the squatter must have noticed all of this DNS traffic coming from SpamAssassin users and decided that the traffic was undesirable, so they've modified the domain in whois so that its name servers point at obviously invalid IP addresses.

That's good, because it means there shouldn't be any more false positive issues, for now. But, it does mean that your SpamAssassin checks take longer than usual, as queries against this dead list will time out. (And who is to say the squatter won't resurrect the domain with valid DNS servers and perhaps another DNS wildcard, causing a whole new batch of false positives for a whole bunch of SpamAssassin users.)

If you're a SpamAssassin user, it would be wise to remove or disable the SpamAssassin rule that check for that list. The rule you're looking for is located in the "" file in the rules subdirectory of your SA installation.

To disable this check in your SpamAssassin installation (manually), move or delete the "" file from your rules directory. Where this directory is exactly located is going to depend on your installation. On my friend's Linux installation, the directory path is /etc/mail/spamassassin/rules .

The better thing to do, I was advised by friendly SpamAssassin user Phil Randal, is to run sa-update. It's best practice for SA users to run sa-update every week or few to load the latest "in between-release" updates. Running sa-update will ensure that the check is disabled.

I suspect that this blocking list check will be removed from SpamAssassin in future releases, but as of today (8/18/2009), the check is still in the most recent version available for download (3.2.5). As long as you run sa-update or manually disable this check, you should be all set.

TQMCUBE Status Updated

Here's a quick note to let you know that I've updated my page of information on the long-dead TQMCUBE blocking list. Click here for more information.

SORBS Status: Shutting Down or For Sale

As reported on Spamtacular and on SORBS' website:

"ANNOUNCEMENT: Possible SORBS Closure... It comes with great sadness that I have to announce the imminent closure of SORBS. The University of Queensland have decided not to honor their agreement with myself and SORBS and terminate the hosting contract.

Status of DEAD

The blocking list at has announced it is winding down. As noted in a February 25, 2009 posting on its website, "Please note that as of Wednesday, April 1, 2009 the DNSBL.NET.AU blacklist will cease to exist."

As of this writing on April 29th, 2009, I do still see active entries when querying via DNS, but I assume that these are likely to go away soon. If you utilize this list, I'd recommend removing it from your MTA or spam filter configuration.

Status of DSBL: DEAD

The DNSBL called "DSBL" is no more. As of March 11, 2009, their website reports: "DSBL is GONE and highly unlikely to return. Please remove it from your mail server configuration."