2 check and link (de)listing policy
3 NOGO: delisting for money
4 check and link usage policy
5 check and link return codes
6 find newsfeed or mailinglist
12 https://bugs.launchpad.net/ubuntu/+source/amispammer/+bug/835614
13 http://www.blalert.com/dnsbls
14 http://www.dnsbl.info/dnsbl-list.php
15 http://dnsbl.inps.de/index.cgi?lang=en&site=00002
16 http://www.sdsc.edu/~jeff/spam/cbc.html
17 http://moensted.dk/spam/
18 https://whatismyipaddress.com/blacklist-check
19 https://multirbl.valli.org/
20 https://glockapps.com/blacklist/
21 https://docs.hetrixtools.com/monitored-blacklists/
22 https://www.blacklistmaster.com/
23 https://knowledge.validity.com/hc/en-us/sections/204468388-Blocklists
24 https://github.com/zbetcheckin/DNSBLs
25 https://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists
26 https://www.impressionwise.com/kb/threats/rbl-advisories.html
28 http://dnsbl.aspnet.hu/
33 maybe? they have antispam but it’s all portugese? or spanish? no idea
41 https://www.blalert.com/dnsbl/shortlist.mailhosts.org
44 https://www.dnsbl.com/2007/02/status-of-opmblitzedorg-dead.html
45 referenced ML post is 404
46 blackholes.five-ten-sg.com
47 Offline as of 1/1/2013
48 https://whatismyipaddress.com/five-ten-sg
50 On 9/29/2020 the ROTHEN blacklist appears to have started to list the entire internet
51 https://www.dnsbl.info/dnsbl-details.php?dnsbl=dynip.rothen.com
54 https://community.spiceworks.com/topic/329762-blacklist-removal
55 https://bugs.launchpad.net/ubuntu/+source/amispammer/+bug/835614
56 website contains spam/crap
57 http://cart00ney.surriel.com/
64 https://www.dnsbl.com/2013/02/status-of-blcsmabiz-dead.html
66 website contains info about living in australia? called "AusBlog"
67 http://www.dnsbl.com/2009/04/status-of-dnsblnetau-dead.html
68 http://moensted.dk/spam/
70 https://moensted.dk/spam/
71 http://rbl.mw-internet.net/
73 2023: it is an asian(?) gambling(?) website
74 http://www.blackholes.us/
76 https://www.dnsbl.com/2009/10/status-of-blackholesus-dead.html
77 http://www.deadbeef.com/
79 spamsources.dnsbl.info
81 http://www.dnsbl.info/spamsources-dnsbl-defunct.php
83 domain dead, no other info
86 https://en.wikipedia.org/wiki/Not_Just_Another_Bogus_List
88 website parked, no other info
89 https://www.transip.nl/
91 https://www.blalert.com/dnsbl/proxy.block.transip.nl
92 https://www.blalert.com/dnsbl/residential.block.transip.nl
93 pss.spambusters.org.ar
97 https://snark.net/ gives access denied
98 whois.rfc-ignorant.org
100 rfc-ignorant.org registered but no A/AAAA record
102 http://www.h-online.com/security/news/item/RFC-Ignorant-org-blacklist-closes-down-1724814.html
103 https://www.dnsbl.com/2012/09/status-of-rfc-ignorantorg-shutting-down.html
104 will-spam-for-food.eu.org
107 https://rfc1149.net/blog/2012/01/22/who-did-resurrect-will-spam-for-food/
109 dead, seemingly written on http://proxybl.org/blog but that’s also dead
110 https://linuxreviews.org/Mail_Spam_Blacklists
111 https://community.sophos.com/utm-firewall/f/web-server-security/50273/dnsbl-proxybl-org-offline
113 timeout, also on the parent null.dk
116 seems dead, no info to be found
117 domain does not respond
118 http://msrbl.blogspot.ch/
119 http://msrbl.blogspot.com/ says "no updates" since 2010 but supposed to be reactivated
121 http://www.olsentech.net/
122 strange content on web
125 http://www.orbitrbl.com/
129 registered but no A/AAAA record
131 https://kc.mcafee.com/corporate/index?page=content&id=KB53783
135 http://anti-spam.org.cn/?locale=en_US
139 talkactive.net redirects twice to some hosting company
140 last listings in 2017
141 https://multirbl.valli.org/detail/rbl.talkactive.net.html
142 https://www.blacklistmaster.com/blacklists?view=details&blacklist=rbl.talkactive.net
144 no policies published
146 was a private list of an irc network
147 network was renamed idlechat.net in 2014
148 became a discord chat in 2022(?)
149 http://blakjak.net/RBL
150 external access disabled
151 2023: seems dead, website is a weird error
152 https://www.blalert.com/dnsbl/rbl.blakjak.net
153 This is a private list that we do not monitor as the maintainer has explicity announced that the list is for his personal use
154 http://cyberlogic.net/
156 https://www.dnsbl.info/dnsbl-details.php?dnsbl=dnsbl.cyberlogic.net
157 On or about 5/21/2018 the cyberlogic DNSBL ceased functioning properly.
158 https://www.dnsbl.com/2018/05/
159 As reported on the mailop mailing list on Friday May 25, 2018, the blocking list at dnsbl.cyberlogic.net now contains a "wildcard" DNS entry, effectively listing the entire internet
160 http://www.rbl.jp/allrbl-e.html
161 website asks for login or just errors
162 http://www.spamhauswhitelist.com/en/
163 looks like a parked domain with ads
164 http://stopspam.org/rblcheck/index.php
166 http://www.stopspam.org/rbl-info/
168 http://countries.nerd.dk/
169 unable to connect, also for nerd.dk
170 http://dul.ru/dul.en.html
172 http://dns.measurement-factory.com/surveys/openresolvers.html
174 »The following text describes past open DNS resolver surveys and an associated DNS lookup service that has been long shut down«
175 http://www.sectoor.de/tor.php
177 http://anticaptcha.net/
179 http://blacklist.lashback.com/
180 query zone: ubl.unsubscore.com
181 provider’s website https://lashback.com/ seems alive and active (news entries from 2023) but does not link to the blacklist
182 rsync URLs seem dead, so does the download url
183 http://blacklist.woody.ch/
184 no entries in the displayed "top 100"
185 may have been absorbed into the swinog blacklists, see antispam.imp.ch
186 http://cbl.abuseat.org/
187 https://www.abuseat.org/
188 changes to the CBL that occured in January 2021. In short, the CBL infrastructure was replaced by the Spamhaus XBL structure
189 http://dnsbl.burnt-tech.com/
191 http://rbl.dns-servicios.com/rbl.php
192 website can not be found
193 http://spamcannibal.org/
194 dead, as of at least 2018
195 http://st.technovision.dk/
196 https://docs.hetrixtools.com/st-technovision-dk-inactive-removed/
197 [December 8, 2021] This RBL has stopped responding to DNS queries.
198 http://spamstinks.com/
199 cert is for generic hostname
200 website shows some login form
202 https://www.rollernet.us/2017/01/shutdown-of-virbl-dnsbl-bit-nl/
203 January 23, 2017: »The Virbl-project site has been replaced by this static message to inform those that find their ways here. The Virbl DNSBL-zone was emptied and will be removed all together at a moment further on in the future.«
204 http://www.blocklist.de/en/index.html
205 lots of timeouts as of 2023
206 forum link is dead, among others
207 seems unmaintained but alive
208 latest news is from 2016
209 latest blog entry from 2022
210 Abusix, a network security company for mail security and abuse report handling, takes over blocklist.de to integrate it within its Abusix platform to further improve its data quality.
211 http://www.emailbasura.org/cgi-bin/emailbasura-ini.pl?lang=eng
213 http://www.leadmon.net/spamguard/
215 http://www.srntools.com/blacklist/
216 redirects to comodo.com subdomain where I can’t find any information about a DNSBL
217 https://bl.konstant.no/
218 https://docs.hetrixtools.com/bl-konstant-no-unresponsive-removed/
219 [July 29, 2022] This RBL has become unresponsive, and we’ve removed it from our system until it returns to functioning normally again.
220 https://www.megarbl.net/
222 https://www.blalert.com/dnsbl/rbl.megarbl.net
223 »This blacklist is marked as inactive and is not being checked at the moment. We will be tracking it to see if it goes to normal again.«
224 https://www.kisarbl.or.kr/
225 can’t find information about it
226 website redirects to https://spam.kisa.or.kr/ which gives a 404
227 https://www.abuse.ch/
228 old, defunct link: https://www.abuse.ch/?tag=httpbl
229 does not seem to have a DNSBL (anymore)
230 might be incorporated into spamhaus?
231 does host other databases about threats
233 https://antispam.imp.ch/
236 no good listing policy
237 information received from inquiry to provider
238 website will be updated
240 dnsrbl.swinog.ch and uribl.swinog.ch (holding time increases with hits)
242 127.0.0.10 => TRAP (Email sent to a spamtrap)
243 127.0.0.11 => REPO (Email reported as Spam by customer)
244 spamrbl.imp.ch (3 days holding time)
245 IPs are listed when trying to send mail to the spamtrap mailserver
246 MD5 hash: attachment sent to the swinog blacklist
249 http://blacklist.woody.ch/rblcheck.php3
253 https://docs.hetrixtools.com/lookup-dnsbl-iip-lu-false-positive-removed/
254 in 2016: lookup.dnsbl.iip.lu blacklist started issuing false positive responses and upon further investigation looks to be abandoned/dead.
255 https://www.blalert.com/dnsbl/lookup.dnsbl.iip.lu
256 This blacklist is marked as "shut down" and non-operational as of 2017-12-31.
257 http://dnsbl.inps.de/
259 https://www.dnsbl.com/search/label/dnsbl.inps.de
260 Today, May 25, 2020, he has announced that it is shutting down, due to concerns around GDPR and personal challenges brought on by the coronavirus pandemic.
261 https://docs.hetrixtools.com/dnsbl-inps-de-removed-from-our-system/
262 [May 29,2018] IPv4 RBL dnsbl.inps.de has been removed from our system, as they have decided to discontinue the RBL project for the time being.
263 https://glockapps.com/blacklist/dnsbl-inps-de/
264 Today, May 25, 2020, he has announced that it is shutting down, due to concerns around GDPR and personal challenges brought on by the coronavirus pandemic.
265 https://www.dnsbl.info/dnsbl-details.php?dnsbl=dnsbl.inps.de
266 This blacklist is offline as of May 1, 2020.
267 https://web.archive.org/web/20220428013500/http://www.inps.de/
273 dob.sibl.support-intelligence.net
278 http://www.usenix.org.uk/content/rbl.html
283 https://help.fasthosts.co.uk/app/answers/detail/a_id/140/kw/rbl
285 https://antispam.fasthosts.co.uk/
288 http://barracudacentral.org/rbl
289 requires account with extensive information (more than spamhaus e.g.):
295 your state/province name.
296 your zip/postal code.
297 the name of the alternate contact.
298 the phone number of the alternate contact.
299 the email address of the alternate contact.
300 seems well documented
303 http://www.spamhaus.org/organization/statement/008/fake-dnsbl-uncovered-nszones.com
304 http://www.backscatterer.org/
305 questionable policy - pay for (quicker) delisting
306 https://support.hornetsecurity.com/hc/en-us/articles/360011880797-Why-are-Hornetsecurity-IP-addresses-listed-at-Backscatterer-
307 as of December 29, 2021: »The removal at the blacklist backscatterer.org can only be done for a fee«
308 https://www.warmy.io/blog/backscatterer-blacklist-how-to-remove-your-ip-from-it
309 in March 17, 2023 does not mention need to pay
310 https://support.forcepoint.com/s/article/Forcepoint-IP-s-blocklisted-by-UCEProtect-and-Backscatterer-org
311 recommend against using it
312 https://whatismyipaddress.com/backscatterer
313 mentions strict delisting process and "express delisting" but nothing further
314 https://bobcares.com/blog/backscatterer-blacklist/
315 goes through the process with screenshots showing express delisting for 109$
316 https://community.cisco.com/t5/email-security/issues-with-www-backscatterer-org-any-one/td-p/1298377
318 https://www.titanhq.com/blog/warning-ignore-pay-for-de-listing-blacklist-service/
319 Jan 17th, 2020: »UCEProtect also charges a delisting fee. TitanHQ discourages email administrators from using the UCEProtect blacklist and we do not recommend paying for list removal«
320 https://web.archive.org/web/20150320180344/http://www.jvfconsulting.com/blog/130/Backscatterer_Network_Spam_List_Is_Another_UCEPROTECT_Extortion_Scam.html
324 https://cncz.science.ru.nl/en/howto/email-spam/
325 not really its own DNSBL?
329 seems serious but missing necessary info
332 http://blacklist.jippg.org/
338 https://www.virusfree.cz/en/help is the only place I can find any official reference to this list at all but no policies or usage information
339 https://www.nixspam.net/
340 previously http://www.dnsbl.manitu.net/
341 query zone: ix.dnsbl.manitu.net
342 provided by the reputable german publisher 'heise' which makes the high quality c’t, iX, and telepolis magacines
343 difficult to find info regarding listing policy
344 asked for more information to be added
345 https://www.heise.de/forum/iX/Kommentare/Gemeinsam-stark/Nutzungsbedingungen-Return-Codes-sonstige-Infos/posting-42669177/show/
347 website works but barely any info, not even how to query it
348 https://www.redhawk.org/?p=64
349 https://www.redhawk.org/SpamHawk/index.php
350 https://senderscore.org/
351 requires registration?
352 Scam? http://www.complaintsboard.com/complaints/buyer-beware-senderscoreorg-is-a-scam-c276871.html
353 https://senderscore.org/assess/blocklist-lookup/
354 FAQ: https://knowledge.validity.com/hc/en-us/articles/360006992592-Return-Path-Blocklist-RPBL-FAQ-
355 no information how to query found
357 https://ers.trendmicro.com/
358 trendmicro paid service
359 https://docs.trendmicro.com/en-us/enterprise/email-reputation-services-online-help/getting-started_001/configuring-email-re/creating-an-account.aspx
360 »If you don’t create an account, you can still query the reputation of an IP address«
361 I don’t find any pricing or usage information
362 http://dnsbl.tornevall.org/
363 https://www.tornevall.net/
364 related to https://www.fraudbl.org/
365 seems a bit unstructured and not very well documented
366 I can’t be arsed to deal with confluence slowing my browser to a halt repeatedly and it’s really hard to navigate but there seems to be some information on https://docs.tornevall.net/display/TORNEVALL/Endpoint%3A+dnsbl+-+DNSBL+v5+with+API+v3
368 http://rbl.schulte.org/
370 listing policy seems to be: they received spam from an IP
371 usage policy: Anyone can use this RBL list [sic]
372 return codes: probably boolean, i.e. either listed or not
373 http://relaytest.kundenserver.de/
374 by 1und1 (now ionos?), used internally
375 https://www.blalert.com/dnsbl/relays.bl.kundenserver.de
376 no usage policy found
377 no listing policy found
378 no return code explanation found
379 http://www.blockedservers.com/
384 No rights given; all rights are in the dumpster; Copyleft 2012 - 3013 - page generated in 0.009843111038208 secs
385 https://choon.net/dnsbl.php
386 no usage policy or instructions
388 only automatic delisting after 30 days
392 http://blogs.technet.com/b/fss/archive/2009/05/08/forefront-dnsbl-yeah-or-nay.aspx
393 https://web.archive.org/web/20150812003556/http://blogs.technet.com/b/fss/archive/2009/05/08/forefront-dnsbl-yeah-or-nay.aspx
394 https://www.blalert.com/dnsbl/88.blacklist.zap
395 88.blacklist.zap is an internal blacklist maintained by Microsoft's Forefront
396 https://www.dnsbl.com/search/label/frontbridge
398 »Use of any DrMX.ORG DNS Zone is by request and by contract only.«
400 tdk.net seems dead on http(s)
402 https://www.blalert.com/dnsbl/rbl.tdk.net
403 old link: http://postmaster.tdc.dk/publish.php?id=31787
404 tdc.dk redirects to yousee.dk
405 https://web.archive.org/web/20170703084224/http://postmaster.tdc.dk/publish.php?id=31787
408 https://www.blalert.com/dnsbl/rbl.zenon.net
409 http://www.noc.zenon.net/rbl/
412 was public until 2015
413 now private, invite-only
414 http://rfc-clueless.org/
416 that do not adhere to common best practices or requirements
417 does NOT list spammers!
418 listing criteria are explained well
419 http://rfc-clueless.org/pages/listing_policy
420 return codes are explained
421 http://rfc-clueless.org/
422 usage policy is not so clear but the FAQ implies that it’s just free to use for everyone
424 first noticed in 2014 and deactivated
425 retried in 2023 and still the case
426 http://spameatingmonkey.com/
428 that sent backscatter
429 that sent to spamtrap
431 this includes dial-up!
432 https://spameatingmonkey.com/faq/policy-based-listing
436 usage policy seems clear
437 https://spameatingmonkey.com/faq/query-limits
438 listing policy seems clear
439 https://spameatingmonkey.com/services
440 return codes documented
441 https://spameatingmonkey.com/services
442 http://blogspambl.com/
443 redirects to spameatingmonkey.com
446 that appear in spam bodies
449 that URIs in spam bodies resolve to
450 return codes are documented
451 https://uribl.com/about.shtml#implementation
453 127.0.0.1 is used to signal abusive query behaviour
454 http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists
458 usage policy is relatively clear that it’s free, except maybe for big for-profit oranizations
459 listing policy is documented
460 return codes are documented
461 seems very trustworthy
462 http://www.sorbs.net/
466 usage policy is clear that it’s free
467 listing policy is documented
468 return codes are documented
470 http://www.spamhaus.org/
473 seems very professional
476 usage policy is clear
477 https://www.spamhaus.org/organization/dnsblusage/
478 listing policies are clearly documented
479 return codes are clearly documented
480 http://www.surbl.org/
483 usage policy is clear
484 https://surbl.org/usage-policy
485 listing policy is documented
486 return codes are documented
488 127.0.0.1 means blocked
492 listing policy seems clear
493 https://zapbl.net/policy
494 usage policy seems clearly free for everyone
495 https://zapbl.net/using
496 return codes are documented
498 https://rbl.foobar.hu/
501 listing policy seems clear
502 usage policy seems clearly free for everyone
503 return codes are documented
504 possibly unmaintained or dead
505 footer says: ©2013-14
506 http://apews.org/?page=filter
508 https://www.dnsbl.com/search/label/apews
509 https://whatismyipaddress.com/apews
511 no news on http://apews-user.blogspot.com/ since 2014
512 not further looked into because of the above
513 https://www.dnswl.org/
514 seems to be run with best intentions but has had issues from what I have heard from some users
515 IRC channel has some activity
516 usage policy relatively clear
517 free within certain limits
520 return codes are documented
522 https://www.dnsblchile.org/index.en.html
523 chilenian spam so not interesting for me
525 00_LISTS_BLOGSPAMMERS
526 https://www.madavi.de/madavibl/
527 »This blacklist should only be used to block comment spammer (on blogs and websites). Don’t use it for mail.«
529 does not exist anymore
530 empty.us returns »Nothing here, obviously.«
533 http://korea.services.net/
535 00_LISTS_OPENRESOLVERS
537 https://www.dan.me.uk/dnsbl
538 http://rbl.efnetrbl.org/
539 aka http://tor.efnet.org/
541 lists open proxies, infected machines, tornodes, etc.
543 clear information on usage policy
544 Nothing. The 0Spam Project is absolutely free for email providers, IT professionals and general removal request.
545 DNSBL service and removals are 100% for free for all uses; commercial, non profit and personal.
547 listing policies are a little less clear
548 bl.0spam.org DNSBL | 0spam Spam Trap Primary Database
549 nbl.0spam.org Network Black List | Spam Source Networks, high volume of spam trap hits in a Class C block will result in network listings in this DNSBL.
550 url.0spam.org URL Black List | This list contains the IP address of domains found to be in the source of spam emails found in our traps.
551 return codes not very clear
555 The last IP address before destination in the email headers is listed into rbl.abuse.ro list.
556 Sender domains are analyzed and if confirmed to be not spoofed, are listed into dbl.abuse.ro list
557 Spamvertized domains (including those indirectly linked through services like bit.ly) are listed into uribl.abuse.ro list
559 usage policy is clear: free for whatever
560 listing policy is not quite so clear
561 can be mostly inferred from the classes but not entirely clear IMHO
564 not explicitly mentioned but it’s 127.0.0.X where X is the class from https://dronebl.org/classes
566 query zone: psbl.surriel.com
567 no usage policy, but seems implied that usage is free
569 no explicit, complete policy given but sending to spamtraps is mentioned to get you listed and seems the exclusive mechanism
571 not documented, probably only boolean
572 http://rbldata.interserver.net/
573 listing policy more or less clear
574 usage policy not given but since usage is explained it’s probably free for all
575 return codes seem to be binary, i.e. either listed or not
579 usage policy not explicit but seems to be free
580 listing policy also not explicit but can be inferred from return code explanation
581 return codes are explained
583 clear usage policy (ToS)
584 listing policies documented
585 return codes of aggregated list documented
588 usage policy documented
589 listing policy not really clear
590 return codes documented
592 listing procedure is documented
593 usage policy implied: free to use
594 return codes documented
595 http://www.aupads.org/
596 aka www.antispam-ufrj.pads.ufrj.br
598 listing policy more or less clear
600 usage policy seems clear: freely exported by anybody who wants to use them«
601 http://www.gbudb.com/truncate/
603 usage policy seems implied: free use
604 return codes documented
605 »Truncate is very conservative. On most systems it can be safely used to reject connections!«
606 http://www.justspam.org/
607 listing policy documented
608 warning: relies on listings in other DNSBLs! also for delisting!
611 http://www.kempt.net/dnsbl/
612 listing policy documented
613 usage policy documented
614 return codes undocumented
615 http://www.spamcop.net/
616 listing policy documented
617 The SCBL is aggressive and often errs on the side of blocking mail
618 usage policy is: free
620 return codes documented
621 http://www.spamsources.fabel.dk/
622 usage policy is: free
623 listing policy seems clear
625 http://www.uceprotect.net/en/index.php
626 takes money for faster delisting
627 listing policy is documented
628 usage policy is documented: free
630 https://www.heise.de/hintergrund/Spam-Golem-291396.html
633 https://news.admin.net-abuse.email.narkive.com/boJTu7JC/claus-v-wolfhausen-harasement
634 https://www.linode.com/community/questions/2324/uceprotectnet-has-us-blacklisted
635 https://uceprotect.wtf/
636 https://www.aaroncake.net/misc/showthought.asp?thought=57
637 https://www.dnsbl.com/search/label/claus%20v.%20wolfhausen
638 https://wordtothewise.com/2018/06/another-day-another-dead-blacklist/
639 https://community.spiceworks.com/topic/2170592-uceprotect-blacklist-scam
640 http://kontech.net/uceprotect-blacklist-scheme-2020/
641 http://www.whitelisted.org/
644 related to uceprotect, see there
645 https://www.team-cymru.org/Services/Bogons/dns.html
648 does not list spammers but bogons
650 usage policy not quite clear ATM
651 return codes documented: binary
652 http://mailspike.net/usage.html
654 https://puck.nether.net/or/
656 http://www.isipp.com/email-accreditation/iadb-query-instruction/
658 not quite a usage policy, but seems ok
659 strange split of ipv4 and ipv6
projects / user / henk / docs / dnsbl_notes.git / blob