Status of rfc-ignorant.org: SHUTTING DOWN

One-time Yahoo administrator Derek Balling has announced that the RFC Ignorant blacklist is being shut down. This blacklist has existed since at least late 2001. Its listing criteria including things like not having an "abuse" or "postmaster"address that accepted mail. Listing criteria didn't necessarily overlap with the generally accepted criteria for fighting spam, so my guess is that this blacklist's lack of usefulness as a spam fighting tool had finally diminished past the point of no useful return. As Derek himself says, "the usefulness of a DNSBL is greatly diminished," and of the old hardware running the service, "the value proposition just isn't there."

I blogged about the RFC Ignorant blacklist back in 2006.

Status of blackholes.five-ten-sg.com: DEAD

The "Fiveten" Blacklist (blackholes.five-ten-sg.com) was a combination anti-spam blacklist run by Carl Byington, publishing under the name of "510 Software Group." This blacklist has been available since at least February, 2001, and it appears to have been retired as of April 2012.

As of late April, 2012, any attempt to look up an entry on the blacklist results in output indicating that "The blackholes.five-ten-sg.com list is retired. No ip address is listed here." Meaning, the blacklist is no longer in operation.

I had previously written about this blacklist back in October, 2007, and my 2007-2008 DNSBL statistics project data showed that the blacklist may not be suitable for broad production use if one wishes to receive requested email messages. The list has been up and down at various other times, most recently being taken offline for a period in November 2010.

(Hat tip: Word to the Wise)

DNSWL.org Announces Changes

Whitelist provider DNSWL.org announced changes to its operating model. Who is DNSWL.org? "Dnswl.org is the leading whitelist provider for email filtering. It is being used by over 50'000 organisations worldwide, and contains close to 100'000 entries of 'good mailservers.' Your email filter should try to avoid tagging messages as spam, if they come from one of those good mailservers."

As announced on their website and on multiple mailing lists today: "As announced earlier, dnswl.org will change it's operating model. "Heavy users" (defined as those doing > 100'000 queries/24 hours on the public nameservers) and vendors of anti-spam products and services will need a paid subscription.

We are now ready to implement the model and will gradually start to enforce it. Since we do not know the current users (all we have are IPs and sometimes hostnames), we will also need to "cut off" users if our attempts at identifying and notifying them fail.

The "cut off" may have two of effects: 1) rsync suddenly stops working 2) queries on the public nameservers are refused. We may be able to reinstate access on a case by case basis.

As usual, we can be reached at admins/at/dnswl.org (or office/at/dnswl.org for direct access to the people handling the subscriptions). All details are available from http://www.dnswl.org/ "

Spews.org Domain Expired

Thanks for Joe Sniderman for the tip that the domain spews.org has expired and was grabbed up by somebody that appears to be a domain speculator or parked domain monetizer. The SPEWS blacklist is long-dead, since August, 2006.

Status of ybl.megacity.org: DEAD

There once was a DNSBL called ybl.megacity.org. Exactly when it was created is lost to the mists of time, but I'm guessing it was somewhere around the end of 2001 or beginning of 2002, after its maintainer, Derek Balling, parted ways with Yahoo. I recall that the point of the blacklist was to be able to reject mail from Yahoo.

Today, reader John Carver kindly wrote in to let me know that this blacklist is indeed defunct and has "listed the world," installing a wildcard DNS record with the result that if you use ybl.megacity.org in your mail server configuration, you're going to reject 100% of your mail. Query of any domain or IP address under ybl.megacity.org will result in a "127.0.0.2" positive response, that will make a mail server think it should reject the email message in question.

If you use ybl.megacity.org as a blacklist in your mail server configuration, I strongly recommend you remove it immediately. The list is long dead, and use of the list will result in you accidentally rejecting 100% of inbound mail.

As recently as 2006, the DNSBL also responded with text warning that it was defunct: "521 The IP is Blacklisted by ybl.megacity.org. This zone has been deprecated for about two years. Maybe if it starts blocking your mail you'll notice and stop using it." This is no longer the case; the text record does not seem to be present.

See also the Ipswitch ImailServer knowledge base article on this topic.