If you use any of the MSRBL DNSBLs, take note: For the second time since 2017, the domain msrbl.net has expired and its name servers are responding positively to any DNS request.
This has the net effect of the DNSBL "listing the world." If you use any MSRBL blocklist in your mail server, you're blocking all mail from any IP address in the whole world.
So....don't do that!
The MSRBL's website at msrbl.com is up and running, but the DNSBL zones are not under "dot com" -- they are under "dot net."
June 14, 2019 Update: Looks like the DNSBL has been restored and is no longer "listing the world."
All about DNSBLs, aka blocklists/blacklists // Since 2001 // Published by Al Iverson
Status of exitnodes.tor.dnsbl.sectoor.de: DEAD
As reported by Word to the Wise, the DNSBL at exitnodes.tor.dnsbl.sectoor.de seems to have gone extinct. Like has happened with other lists in the past, the domain now contains a wildcard DNS entry which is bad news for DNSBLs. This means that those folks who use this DNSBL to filter mail are going to get a match on every possible IP address in the world. Every possible IP address will show up as listed, even though it's not actually listed by the blocklist.
As a result, I strongly suggest that mail administrators stop using the exitnodes.tor.dnsbl.sectoor.de DNSBL immediately.
DNSBL lookup sites should stop including exitnodes.tor.dnsbl.sectoor.de in blocklist results; the information they display would be incorrect and would scare people into thinking that they are listed, when they are not.
I don't know much about this DNSBL. Based on its name, it seems to exist to allow people to block mail from servers that host TOR Exit Nodes. If you're receiving anonymized harassing mail, that might be something you'd want to block.
The Internet Archive suggests that this list has been around since at least February 7, 2005.
June 6, 2018 Update: The DNS "wildcard" entry has been removed. This should stop any false positive issues, and means that the list is no longer "listing the world." However, the blocklist is still offline, seemingly for good, and I still strongly suggest that mail admins cease use of this list immediately.
June 6, 2018 Update: The DNS "wildcard" entry has been removed. This should stop any false positive issues, and means that the list is no longer "listing the world." However, the blocklist is still offline, seemingly for good, and I still strongly suggest that mail admins cease use of this list immediately.
Status of dnsbl.cyberlogic.net: BROKEN
As reported on the mailop mailing list on Friday May 25, 2018, the blocking list at dnsbl.cyberlogic.net now contains a "wildcard" DNS entry, effectively listing the entire internet. If you use this DNSBL in your mail server configuration, you should remove it immediately, as it will impede your ability to receive legitimate mail.
New blocklist: SPFBL
Leonardo from SPFBL shared the following information with me and I thought it would be useful to share it here with folks.
Status of bad.psky.me: QUESTIONABLE
Noted and respected spam filterer Spamhaus is indicating that they believe the the Protected Sky (bad.psky.me) blocklist is "fraudulent." They report that Protected Sky is "an anonymously-run DNSBL service which was pirating [Spamhaus] data and republishing it as its own work." Spamhaus further indicates that Protected Sky doesn't follow DNSBL best practices as indicated in RFC6471.
Subscribe to:
Posts (Atom)