2 check and link (de)listing policy
3 NOGO: delisting for money
4 check and link usage policy
5 check and link return codes
6 find newsfeed or mailinglist
12 https://bugs.launchpad.net/ubuntu/+source/amispammer/+bug/835614
13 http://www.blalert.com/dnsbls
14 http://www.dnsbl.info/dnsbl-list.php
15 http://dnsbl.inps.de/index.cgi?lang=en&site=00002
16 http://www.sdsc.edu/~jeff/spam/cbc.html
17 http://moensted.dk/spam/
18 https://whatismyipaddress.com/blacklist-check
19 https://multirbl.valli.org/
20 https://glockapps.com/blacklist/
21 https://docs.hetrixtools.com/monitored-blacklists/
22 https://www.blacklistmaster.com/
23 https://knowledge.validity.com/hc/en-us/sections/204468388-Blocklists
24 https://github.com/zbetcheckin/DNSBLs
25 https://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists
26 https://www.impressionwise.com/kb/threats/rbl-advisories.html
28 http://dnsbl.aspnet.hu/
33 maybe? they have antispam but it’s all portugese? or spanish? no idea
41 https://www.blalert.com/dnsbl/shortlist.mailhosts.org
44 https://www.dnsbl.com/2007/02/status-of-opmblitzedorg-dead.html
45 referenced ML post is 404
46 blackholes.five-ten-sg.com
47 Offline as of 1/1/2013
48 https://whatismyipaddress.com/five-ten-sg
50 On 9/29/2020 the ROTHEN blacklist appears to have started to list the entire internet
51 https://www.dnsbl.info/dnsbl-details.php?dnsbl=dynip.rothen.com
54 https://community.spiceworks.com/topic/329762-blacklist-removal
55 https://bugs.launchpad.net/ubuntu/+source/amispammer/+bug/835614
56 website contains spam/crap
57 http://cart00ney.surriel.com/
64 https://www.dnsbl.com/2013/02/status-of-blcsmabiz-dead.html
66 website contains info about living in australia? called "AusBlog"
67 http://www.dnsbl.com/2009/04/status-of-dnsblnetau-dead.html
68 http://moensted.dk/spam/
70 https://moensted.dk/spam/
71 http://rbl.mw-internet.net/
73 2023: it is an asian(?) gambling(?) website
74 http://www.blackholes.us/
76 https://www.dnsbl.com/2009/10/status-of-blackholesus-dead.html
77 http://www.deadbeef.com/
79 spamsources.dnsbl.info
81 http://www.dnsbl.info/spamsources-dnsbl-defunct.php
83 domain dead, no other info
86 https://en.wikipedia.org/wiki/Not_Just_Another_Bogus_List
88 website parked, no other info
89 https://www.transip.nl/
91 https://www.blalert.com/dnsbl/proxy.block.transip.nl
92 https://www.blalert.com/dnsbl/residential.block.transip.nl
93 pss.spambusters.org.ar
97 https://snark.net/ gives access denied
98 whois.rfc-ignorant.org
100 rfc-ignorant.org registered but no A/AAAA record
102 http://www.h-online.com/security/news/item/RFC-Ignorant-org-blacklist-closes-down-1724814.html
103 https://www.dnsbl.com/2012/09/status-of-rfc-ignorantorg-shutting-down.html
104 will-spam-for-food.eu.org
107 https://rfc1149.net/blog/2012/01/22/who-did-resurrect-will-spam-for-food/
109 dead, seemingly written on http://proxybl.org/blog but that’s also dead
110 https://linuxreviews.org/Mail_Spam_Blacklists
111 https://community.sophos.com/utm-firewall/f/web-server-security/50273/dnsbl-proxybl-org-offline
113 timeout, also on the parent null.dk
116 seems dead, no info to be found
117 domain does not respond
118 http://msrbl.blogspot.ch/
119 http://msrbl.blogspot.com/ says "no updates" since 2010 but supposed to be reactivated
121 http://www.olsentech.net/
122 strange content on web
125 http://www.orbitrbl.com/
129 registered but no A/AAAA record
131 https://kc.mcafee.com/corporate/index?page=content&id=KB53783
135 http://anti-spam.org.cn/?locale=en_US
139 talkactive.net redirects twice to some hosting company
140 last listings in 2017
141 https://multirbl.valli.org/detail/rbl.talkactive.net.html
142 https://www.blacklistmaster.com/blacklists?view=details&blacklist=rbl.talkactive.net
144 no policies published
146 was a private list of an irc network
147 network was renamed idlechat.net in 2014
148 became a discord chat in 2022(?)
149 http://blakjak.net/RBL
150 external access disabled
151 2023: seems dead, website is a weird error
152 https://www.blalert.com/dnsbl/rbl.blakjak.net
153 This is a private list that we do not monitor as the maintainer has explicity announced that the list is for his personal use
154 http://cyberlogic.net/
156 https://www.dnsbl.info/dnsbl-details.php?dnsbl=dnsbl.cyberlogic.net
157 On or about 5/21/2018 the cyberlogic DNSBL ceased functioning properly.
158 https://www.dnsbl.com/2018/05/
159 As reported on the mailop mailing list on Friday May 25, 2018, the blocking list at dnsbl.cyberlogic.net now contains a "wildcard" DNS entry, effectively listing the entire internet
160 http://www.rbl.jp/allrbl-e.html
161 website asks for login or just errors
162 http://www.spamhauswhitelist.com/en/
163 looks like a parked domain with ads
164 http://stopspam.org/rblcheck/index.php
166 http://www.stopspam.org/rbl-info/
168 http://countries.nerd.dk/
169 unable to connect, also for nerd.dk
170 http://dul.ru/dul.en.html
172 http://dns.measurement-factory.com/surveys/openresolvers.html
174 »The following text describes past open DNS resolver surveys and an associated DNS lookup service that has been long shut down«
175 http://www.sectoor.de/tor.php
177 http://anticaptcha.net/
179 http://blacklist.lashback.com/
180 query zone: ubl.unsubscore.com
181 provider’s website https://lashback.com/ seems alive and active (news entries from 2023) but does not link to the blacklist
182 rsync URLs seem dead, so does the download url
183 http://blacklist.woody.ch/
184 no entries in the displayed "top 100"
185 may have been absorbed into the swinog blacklists, see antispam.imp.ch
186 http://cbl.abuseat.org/
187 https://www.abuseat.org/
188 changes to the CBL that occured in January 2021. In short, the CBL infrastructure was replaced by the Spamhaus XBL structure
189 http://dnsbl.burnt-tech.com/
191 http://rbl.dns-servicios.com/rbl.php
192 website can not be found
193 http://spamcannibal.org/
194 dead, as of at least 2018
195 http://st.technovision.dk/
196 https://docs.hetrixtools.com/st-technovision-dk-inactive-removed/
197 [December 8, 2021] This RBL has stopped responding to DNS queries.
198 http://spamstinks.com/
199 cert is for generic hostname
200 website shows some login form
202 https://www.rollernet.us/2017/01/shutdown-of-virbl-dnsbl-bit-nl/
203 January 23, 2017: »The Virbl-project site has been replaced by this static message to inform those that find their ways here. The Virbl DNSBL-zone was emptied and will be removed all together at a moment further on in the future.«
204 http://www.blocklist.de/en/index.html
205 lots of timeouts as of 2023
206 forum link is dead, among others
207 seems unmaintained but alive
208 latest news is from 2016
209 latest blog entry from 2022
210 Abusix, a network security company for mail security and abuse report handling, takes over blocklist.de to integrate it within its Abusix platform to further improve its data quality.
211 http://www.emailbasura.org/cgi-bin/emailbasura-ini.pl?lang=eng
213 http://www.leadmon.net/spamguard/
215 http://www.srntools.com/blacklist/
216 redirects to comodo.com subdomain where I can’t find any information about a DNSBL
217 https://bl.konstant.no/
218 https://docs.hetrixtools.com/bl-konstant-no-unresponsive-removed/
219 [July 29, 2022] This RBL has become unresponsive, and we’ve removed it from our system until it returns to functioning normally again.
220 https://www.megarbl.net/
222 https://www.blalert.com/dnsbl/rbl.megarbl.net
223 »This blacklist is marked as inactive and is not being checked at the moment. We will be tracking it to see if it goes to normal again.«
225 https://antispam.imp.ch/
228 no good listing policy
229 information received from inquiry to provider
230 website will be updated
232 dnsrbl.swinog.ch and uribl.swinog.ch (holding time increases with hits)
234 127.0.0.10 => TRAP (Email sent to a spamtrap)
235 127.0.0.11 => REPO (Email reported as Spam by customer)
236 spamrbl.imp.ch (3 days holding time)
237 IPs are listed when trying to send mail to the spamtrap mailserver
238 MD5 hash: attachment sent to the swinog blacklist
241 http://blacklist.woody.ch/rblcheck.php3
245 https://docs.hetrixtools.com/lookup-dnsbl-iip-lu-false-positive-removed/
246 in 2016: lookup.dnsbl.iip.lu blacklist started issuing false positive responses and upon further investigation looks to be abandoned/dead.
247 https://www.blalert.com/dnsbl/lookup.dnsbl.iip.lu
248 This blacklist is marked as "shut down" and non-operational as of 2017-12-31.
249 http://dnsbl.inps.de/
251 https://www.dnsbl.com/search/label/dnsbl.inps.de
252 Today, May 25, 2020, he has announced that it is shutting down, due to concerns around GDPR and personal challenges brought on by the coronavirus pandemic.
253 https://docs.hetrixtools.com/dnsbl-inps-de-removed-from-our-system/
254 [May 29,2018] IPv4 RBL dnsbl.inps.de has been removed from our system, as they have decided to discontinue the RBL project for the time being.
255 https://glockapps.com/blacklist/dnsbl-inps-de/
256 Today, May 25, 2020, he has announced that it is shutting down, due to concerns around GDPR and personal challenges brought on by the coronavirus pandemic.
257 https://www.dnsbl.info/dnsbl-details.php?dnsbl=dnsbl.inps.de
258 This blacklist is offline as of May 1, 2020.
259 https://web.archive.org/web/20220428013500/http://www.inps.de/
265 dob.sibl.support-intelligence.net
270 http://www.usenix.org.uk/content/rbl.html
275 https://help.fasthosts.co.uk/app/answers/detail/a_id/140/kw/rbl
277 https://antispam.fasthosts.co.uk/
280 http://barracudacentral.org/rbl
281 requires account with extensive information (more than spamhaus e.g.):
287 your state/province name.
288 your zip/postal code.
289 the name of the alternate contact.
290 the phone number of the alternate contact.
291 the email address of the alternate contact.
292 seems well documented
295 http://www.spamhaus.org/organization/statement/008/fake-dnsbl-uncovered-nszones.com
296 http://www.backscatterer.org/
297 questionable policy - pay for (quicker) delisting
298 https://support.hornetsecurity.com/hc/en-us/articles/360011880797-Why-are-Hornetsecurity-IP-addresses-listed-at-Backscatterer-
299 as of December 29, 2021: »The removal at the blacklist backscatterer.org can only be done for a fee«
300 https://www.warmy.io/blog/backscatterer-blacklist-how-to-remove-your-ip-from-it
301 in March 17, 2023 does not mention need to pay
302 https://support.forcepoint.com/s/article/Forcepoint-IP-s-blocklisted-by-UCEProtect-and-Backscatterer-org
303 recommend against using it
304 https://whatismyipaddress.com/backscatterer
305 mentions strict delisting process and "express delisting" but nothing further
306 https://bobcares.com/blog/backscatterer-blacklist/
307 goes through the process with screenshots showing express delisting for 109$
308 https://community.cisco.com/t5/email-security/issues-with-www-backscatterer-org-any-one/td-p/1298377
310 https://www.titanhq.com/blog/warning-ignore-pay-for-de-listing-blacklist-service/
311 Jan 17th, 2020: »UCEProtect also charges a delisting fee. TitanHQ discourages email administrators from using the UCEProtect blacklist and we do not recommend paying for list removal«
312 https://web.archive.org/web/20150320180344/http://www.jvfconsulting.com/blog/130/Backscatterer_Network_Spam_List_Is_Another_UCEPROTECT_Extortion_Scam.html
316 https://cncz.science.ru.nl/en/howto/email-spam/
317 not really its own DNSBL?
321 seems serious but missing necessary info
324 http://blacklist.jippg.org/
330 https://www.virusfree.cz/en/help is the only place I can find any official reference to this list at all but no policies or usage information
331 https://www.nixspam.net/
332 previously http://www.dnsbl.manitu.net/
333 query zone: ix.dnsbl.manitu.net
334 provided by the reputable german publisher 'heise' which makes the high quality c’t, iX, and telepolis magacines
335 difficult to find info regarding listing policy
336 asked for more information to be added
337 https://www.heise.de/forum/iX/Kommentare/Gemeinsam-stark/Nutzungsbedingungen-Return-Codes-sonstige-Infos/posting-42669177/show/
339 website works but barely any info, not even how to query it
340 https://www.redhawk.org/?p=64
341 https://www.redhawk.org/SpamHawk/index.php
342 https://senderscore.org/
343 requires registration?
344 Scam? http://www.complaintsboard.com/complaints/buyer-beware-senderscoreorg-is-a-scam-c276871.html
345 https://senderscore.org/assess/blocklist-lookup/
346 FAQ: https://knowledge.validity.com/hc/en-us/articles/360006992592-Return-Path-Blocklist-RPBL-FAQ-
347 no information how to query found
349 https://ers.trendmicro.com/
350 trendmicro paid service
351 https://docs.trendmicro.com/en-us/enterprise/email-reputation-services-online-help/getting-started_001/configuring-email-re/creating-an-account.aspx
352 »If you don’t create an account, you can still query the reputation of an IP address«
353 I don’t find any pricing or usage information
354 http://dnsbl.tornevall.org/
355 https://www.tornevall.net/
356 related to https://www.fraudbl.org/
357 seems a bit unstructured and not very well documented
358 I can’t be arsed to deal with confluence slowing my browser to a halt repeatedly and it’s really hard to navigate but there seems to be some information on https://docs.tornevall.net/display/TORNEVALL/Endpoint%3A+dnsbl+-+DNSBL+v5+with+API+v3
360 http://rbl.schulte.org/
362 listing policy seems to be: they received spam from an IP
363 usage policy: Anyone can use this RBL list [sic]
364 return codes: probably boolean, i.e. either listed or not
365 http://relaytest.kundenserver.de/
366 by 1und1 (now ionos?), used internally
367 https://www.blalert.com/dnsbl/relays.bl.kundenserver.de
368 no usage policy found
369 no listing policy found
370 no return code explanation found
371 http://www.blockedservers.com/
376 No rights given; all rights are in the dumpster; Copyleft 2012 - 3013 - page generated in 0.009843111038208 secs
377 https://choon.net/dnsbl.php
378 no usage policy or instructions
380 only automatic delisting after 30 days
384 http://blogs.technet.com/b/fss/archive/2009/05/08/forefront-dnsbl-yeah-or-nay.aspx
385 https://web.archive.org/web/20150812003556/http://blogs.technet.com/b/fss/archive/2009/05/08/forefront-dnsbl-yeah-or-nay.aspx
386 https://www.blalert.com/dnsbl/88.blacklist.zap
387 88.blacklist.zap is an internal blacklist maintained by Microsoft's Forefront
388 https://www.dnsbl.com/search/label/frontbridge
390 »Use of any DrMX.ORG DNS Zone is by request and by contract only.«
392 tdk.net seems dead on http(s)
394 https://www.blalert.com/dnsbl/rbl.tdk.net
395 old link: http://postmaster.tdc.dk/publish.php?id=31787
396 tdc.dk redirects to yousee.dk
397 https://web.archive.org/web/20170703084224/http://postmaster.tdc.dk/publish.php?id=31787
400 https://www.blalert.com/dnsbl/rbl.zenon.net
401 http://www.noc.zenon.net/rbl/
404 was public until 2015
405 now private, invite-only
406 http://rfc-clueless.org/
408 that do not adhere to common best practices or requirements
409 does NOT list spammers!
410 listing criteria are explained well
411 http://rfc-clueless.org/pages/listing_policy
412 return codes are explained
413 http://rfc-clueless.org/
414 usage policy is not so clear but the FAQ implies that it’s just free to use for everyone
416 first noticed in 2014 and deactivated
417 retried in 2023 and still the case
418 http://spameatingmonkey.com/
420 that sent backscatter
421 that sent to spamtrap
423 this includes dial-up!
424 https://spameatingmonkey.com/faq/policy-based-listing
428 usage policy seems clear
429 https://spameatingmonkey.com/faq/query-limits
430 listing policy seems clear
431 https://spameatingmonkey.com/services
432 return codes documented
433 https://spameatingmonkey.com/services
434 http://blogspambl.com/
435 redirects to spameatingmonkey.com
438 that appear in spam bodies
441 that URIs in spam bodies resolve to
442 return codes are documented
443 https://uribl.com/about.shtml#implementation
445 127.0.0.1 is used to signal abusive query behaviour
446 http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists
450 usage policy is relatively clear that it’s free, except maybe for big for-profit oranizations
451 listing policy is documented
452 return codes are documented
453 seems very trustworthy
454 http://www.sorbs.net/
458 usage policy is clear that it’s free
459 listing policy is documented
460 return codes are documented
462 http://www.spamhaus.org/
465 seems very professional
468 usage policy is clear
469 https://www.spamhaus.org/organization/dnsblusage/
470 listing policies are clearly documented
471 return codes are clearly documented
472 http://www.surbl.org/
475 usage policy is clear
476 https://surbl.org/usage-policy
477 listing policy is documented
478 return codes are documented
480 127.0.0.1 means blocked
484 listing policy seems clear
485 https://zapbl.net/policy
486 usage policy seems clearly free for everyone
487 https://zapbl.net/using
488 return codes are documented
490 https://rbl.foobar.hu/
493 listing policy seems clear
494 usage policy seems clearly free for everyone
495 return codes are documented
496 possibly unmaintained or dead
497 footer says: ©2013-14
498 http://apews.org/?page=filter
500 https://www.dnsbl.com/search/label/apews
501 https://whatismyipaddress.com/apews
503 no news on http://apews-user.blogspot.com/ since 2014
504 not further looked into because of the above
505 https://www.dnswl.org/
506 seems to be run with best intentions but has had issues from what I have heard from some users
507 IRC channel has some activity
508 usage policy relatively clear
509 free within certain limits
512 return codes are documented
514 https://www.dnsblchile.org/index.en.html
515 chilenian spam so not interesting for me
517 00_LISTS_BLOGSPAMMERS
518 https://www.madavi.de/madavibl/
519 »This blacklist should only be used to block comment spammer (on blogs and websites). Don’t use it for mail.«
521 does not exist anymore
522 empty.us returns »Nothing here, obviously.«
525 http://korea.services.net/
527 00_LISTS_OPENRESOLVERS
529 https://www.dan.me.uk/dnsbl
530 http://rbl.efnetrbl.org/
531 aka http://tor.efnet.org/
533 lists open proxies, infected machines, tornodes, etc.
535 clear information on usage policy
536 Nothing. The 0Spam Project is absolutely free for email providers, IT professionals and general removal request.
537 DNSBL service and removals are 100% for free for all uses; commercial, non profit and personal.
539 listing policies are a little less clear
540 bl.0spam.org DNSBL | 0spam Spam Trap Primary Database
541 nbl.0spam.org Network Black List | Spam Source Networks, high volume of spam trap hits in a Class C block will result in network listings in this DNSBL.
542 url.0spam.org URL Black List | This list contains the IP address of domains found to be in the source of spam emails found in our traps.
543 return codes not very clear
547 The last IP address before destination in the email headers is listed into rbl.abuse.ro list.
548 Sender domains are analyzed and if confirmed to be not spoofed, are listed into dbl.abuse.ro list
549 Spamvertized domains (including those indirectly linked through services like bit.ly) are listed into uribl.abuse.ro list
551 usage policy is clear: free for whatever
552 listing policy is not quite so clear
553 can be mostly inferred from the classes but not entirely clear IMHO
556 not explicitly mentioned but it’s 127.0.0.X where X is the class from https://dronebl.org/classes
558 query zone: psbl.surriel.com
559 no usage policy, but seems implied that usage is free
561 no explicit, complete policy given but sending to spamtraps is mentioned to get you listed and seems the exclusive mechanism
563 not documented, probably only boolean
564 http://rbldata.interserver.net/
565 listing policy more or less clear
566 usage policy not given but since usage is explained it’s probably free for all
567 return codes seem to be binary, i.e. either listed or not
571 usage policy not explicit but seems to be free
572 listing policy also not explicit but can be inferred from return code explanation
573 return codes are explained
575 clear usage policy (ToS)
576 listing policies documented
577 return codes of aggregated list documented
580 usage policy documented
581 listing policy not really clear
582 return codes documented
584 listing procedure is documented
585 usage policy implied: free to use
586 return codes documented
587 http://www.aupads.org/
588 aka www.antispam-ufrj.pads.ufrj.br
590 listing policy more or less clear
592 usage policy seems clear: freely exported by anybody who wants to use them«
593 http://www.gbudb.com/truncate/
595 usage policy seems implied: free use
596 return codes documented
597 »Truncate is very conservative. On most systems it can be safely used to reject connections!«
598 http://www.justspam.org/
599 listing policy documented
600 warning: relies on listings in other DNSBLs! also for delisting!
603 http://www.kempt.net/dnsbl/
604 listing policy documented
605 usage policy documented
606 return codes undocumented
607 http://www.spamcop.net/
608 listing policy documented
609 The SCBL is aggressive and often errs on the side of blocking mail
610 usage policy is: free
612 return codes documented
613 http://www.spamsources.fabel.dk/
614 usage policy is: free
615 listing policy seems clear
617 http://www.uceprotect.net/en/index.php
618 takes money for faster delisting
619 listing policy is documented
620 usage policy is documented: free
622 https://www.heise.de/hintergrund/Spam-Golem-291396.html
625 https://news.admin.net-abuse.email.narkive.com/boJTu7JC/claus-v-wolfhausen-harasement
626 https://www.linode.com/community/questions/2324/uceprotectnet-has-us-blacklisted
627 https://uceprotect.wtf/
628 https://www.aaroncake.net/misc/showthought.asp?thought=57
629 https://www.dnsbl.com/search/label/claus%20v.%20wolfhausen
630 https://wordtothewise.com/2018/06/another-day-another-dead-blacklist/
631 https://community.spiceworks.com/topic/2170592-uceprotect-blacklist-scam
632 http://kontech.net/uceprotect-blacklist-scheme-2020/
633 http://www.whitelisted.org/
636 related to uceprotect, see there
637 https://www.abuse.ch/
638 https://www.abuse.ch/?tag=httpbl
639 https://www.kisarbl.or.kr/
640 https://www.team-cymru.org/Services/Bogons/dns.html
643 does not list spammers but bogons
645 usage policy not quite clear ATM
646 return codes documented: binary
647 http://mailspike.net/usage.html
649 https://puck.nether.net/or/
651 http://www.isipp.com/email-accreditation/iadb-query-instruction/
653 not quite a usage policy, but seems ok
654 strange split of ipv4 and ipv6
projects / user / henk / docs / dnsbl_notes.git / blob