Leonardo from SPFBL shared the following information with me and I thought it would be useful to share it here with folks.
All about DNSBLs, aka blocklists/blacklists // Since 2001 // Published by Al Iverson
Status of bad.psky.me: QUESTIONABLE
Noted and respected spam filterer Spamhaus is indicating that they believe the the Protected Sky (bad.psky.me) blocklist is "fraudulent." They report that Protected Sky is "an anonymously-run DNSBL service which was pirating [Spamhaus] data and republishing it as its own work." Spamhaus further indicates that Protected Sky doesn't follow DNSBL best practices as indicated in RFC6471.
Status of anonwhois.org: DEAD
I first blogged about the ANONWHOIS blocking list back in 2010. It was very useful to identify domains were ownership information was cloaked from the public. Why? Because many of us in the anti-spam and security community think that for a domain being used for commercial purposes, it isn't right to hide who the owner is. And this obstruction to transparency is often exploited by bad guys who send spam and malware, to try to make it harder to identify them.
Status of bl.spamcannibal.org: DEAD
Back in 2016, I used this page to report on a temporary system issue with the Spam Cannibal DNSBL.
Today (May 30, 2018) I'm updating this page to let folks know that they should immediately cease using the Spam Cannibal blocking list.The domain spamcannibal.org seems to have expired and been taken over by somebody else. If you decide to visit the website, be careful! It tried to get me to install what I assume to be malware.
If you use this DNSBL in your mail server configuration, you're probably now rejecting all mail, as the domain has a wildcard DNS entry. This kind of thing makes a blocklist look like it has listed the whole world. Every IP address checked usually shows up as listed.
The Spam Cannibal DNSBL has been around since at least 2003. It was started by a gentleman that I think prefers to be anonymous, so I'm choosing not to name him. It was basically spamtrap-driven, though I believe it would sometimes list /24 blocks of IP addresses in response to some spamtrap hits. It wasn't that widely used, but back in the old days, it often put the fear of god into marketing senders when seeing a hit against this list on their favorite DNSBL checking tool. This was also good in that it helped to drive marketer understanding of how sending to bad addresses can cause bad things to happen. As the list was primarily spamtrap-driven, it was mostly safe for hobbyist mail server use (in my opinion, anyway).
I reached out to the publisher of the Spam Cannibal DNSBL He let me know that the DNSBL is dead and gone. It is no longer an ongoing concern.
Fifteen years is a pretty good run, if you ask me. I wish him best of luck on any future projects.
May 31, 2018 update: The operator of Spam Cannibal is working with some smart folks to shut down the list in a graceful fashion. While there is no longer a "wildcard DNS" issue, the list is no longer being updated and is retired; you should still remove it from your mail server configuration.
Today (May 30, 2018) I'm updating this page to let folks know that they should immediately cease using the Spam Cannibal blocking list.
The Spam Cannibal DNSBL has been around since at least 2003. It was started by a gentleman that I think prefers to be anonymous, so I'm choosing not to name him. It was basically spamtrap-driven, though I believe it would sometimes list /24 blocks of IP addresses in response to some spamtrap hits. It wasn't that widely used, but back in the old days, it often put the fear of god into marketing senders when seeing a hit against this list on their favorite DNSBL checking tool. This was also good in that it helped to drive marketer understanding of how sending to bad addresses can cause bad things to happen. As the list was primarily spamtrap-driven, it was mostly safe for hobbyist mail server use (in my opinion, anyway).
I reached out to the publisher of the Spam Cannibal DNSBL He let me know that the DNSBL is dead and gone. It is no longer an ongoing concern.
Fifteen years is a pretty good run, if you ask me. I wish him best of luck on any future projects.
May 31, 2018 update: The operator of Spam Cannibal is working with some smart folks to shut down the list in a graceful fashion. While there is no longer a "wildcard DNS" issue, the list is no longer being updated and is retired; you should still remove it from your mail server configuration.
SURBL: Adding ABUSE sublist, deprecating SC & AB
The domain blocking list SURBL announced today that it is deprecating the SC (Spamcop) and AB (AbuseButler) sublists, migrating their data into a new ABUSE sublist. They note that the WS (Bill Stearns' sa-blacklist) sublist is also going to be migrated into ABUSE in 2016.
SURBL also recently announced the addition of SURBL-specific blocking notification messages to the popular SpamAssassin spam filtering software.
SURBL also recently announced the addition of SURBL-specific blocking notification messages to the popular SpamAssassin spam filtering software.
Subscribe to:
Posts (Atom)