implement in exim
implement in SA
implement in rspamd
-implement
- https://abuse.ro/
- policy
- spamtraps
- The last IP address before destination in the email headers is listed into rbl.abuse.ro list.
- Sender domains are analyzed and if confirmed to be not spoofed, are listed into dbl.abuse.ro list
- Spamvertized domains (including those indirectly linked through services like bit.ly) are listed into uribl.abuse.ro list
00_META
https://bugs.launchpad.net/ubuntu/+source/amispammer/+bug/835614
http://www.blalert.com/dnsbls
https://knowledge.validity.com/hc/en-us/sections/204468388-Blocklists
https://github.com/zbetcheckin/DNSBLs
https://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists
+ https://www.impressionwise.com/kb/threats/rbl-advisories.html
00_ELANG
http://dnsbl.aspnet.hu/
hungarian?
http://dns.measurement-factory.com/surveys/openresolvers.html
dead
»The following text describes past open DNS resolver surveys and an associated DNS lookup service that has been long shut down«
+ http://www.sectoor.de/tor.php
+ timeouts
+ http://anticaptcha.net/
+ for sale
+ http://blacklist.lashback.com/
+ query zone: ubl.unsubscore.com
+ provider’s website https://lashback.com/ seems alive and active (news entries from 2023) but does not link to the blacklist
+ rsync URLs seem dead, so does the download url
+ http://blacklist.woody.ch/
+ no entries in the displayed "top 100"
+ may have been absorbed into the swinog blacklists, see antispam.imp.ch
+ http://cbl.abuseat.org/
+ https://www.abuseat.org/
+ changes to the CBL that occured in January 2021. In short, the CBL infrastructure was replaced by the Spamhaus XBL structure
+ http://dnsbl.burnt-tech.com/
+ domain is for sale
+ http://rbl.dns-servicios.com/rbl.php
+ website can not be found
+ http://spamcannibal.org/
+ dead, as of at least 2018
+ http://st.technovision.dk/
+ https://docs.hetrixtools.com/st-technovision-dk-inactive-removed/
+ [December 8, 2021] This RBL has stopped responding to DNS queries.
+ http://spamstinks.com/
+ cert is for generic hostname
+ website shows some login form
00_NEEDS_RECHECK
https://antispam.imp.ch/
no usage policy
http://blacklist.woody.ch/rblcheck.php3
dead?
waiting for feedback
+ http://dnsbl.iip.lu/
+ https://docs.hetrixtools.com/lookup-dnsbl-iip-lu-false-positive-removed/
+ in 2016: lookup.dnsbl.iip.lu blacklist started issuing false positive responses and upon further investigation looks to be abandoned/dead.
+ https://www.blalert.com/dnsbl/lookup.dnsbl.iip.lu
+ This blacklist is marked as "shut down" and non-operational as of 2017-12-31.
+ http://dnsbl.inps.de/
+ timeout
+ https://www.dnsbl.com/search/label/dnsbl.inps.de
+ Today, May 25, 2020, he has announced that it is shutting down, due to concerns around GDPR and personal challenges brought on by the coronavirus pandemic.
+ https://docs.hetrixtools.com/dnsbl-inps-de-removed-from-our-system/
+ [May 29,2018] IPv4 RBL dnsbl.inps.de has been removed from our system, as they have decided to discontinue the RBL project for the time being.
+ https://glockapps.com/blacklist/dnsbl-inps-de/
+ Today, May 25, 2020, he has announced that it is shutting down, due to concerns around GDPR and personal challenges brought on by the coronavirus pandemic.
+ https://www.dnsbl.info/dnsbl-details.php?dnsbl=dnsbl.inps.de
+ This blacklist is offline as of May 1, 2020.
+ https://web.archive.org/web/20220428013500/http://www.inps.de/
00_NEEDS_RESEARCH
bl.tiopan.com
blocked.hilli.dk
https://docs.trendmicro.com/en-us/enterprise/email-reputation-services-online-help/getting-started_001/configuring-email-re/creating-an-account.aspx
»If you don’t create an account, you can still query the reputation of an IP address«
I don’t find any pricing or usage information
+ http://dnsbl.tornevall.org/
+ https://www.tornevall.net/
+ related to https://www.fraudbl.org/
+ seems a bit unstructured and not very well documented
+ I can’t be arsed to deal with confluence slowing my browser to a halt repeatedly and it’s really hard to navigate but there seems to be some information on https://docs.tornevall.net/display/TORNEVALL/Endpoint%3A+dnsbl+-+DNSBL+v5+with+API+v3
+ seems active
+ http://rbl.schulte.org/
+ seems active
+ listing policy seems to be: they received spam from an IP
+ usage policy: Anyone can use this RBL list [sic]
+ return codes: probably boolean, i.e. either listed or not
+ http://relaytest.kundenserver.de/
+ by 1und1 (now ionos?), used internally
+ https://www.blalert.com/dnsbl/relays.bl.kundenserver.de
+ no usage policy found
+ no listing policy found
+ no return code explanation found
00_E_PAID
00_E_PRIVATE
88.blacklist.zap
00_LISTS_DIALUPS
00_LISTS_OPENRESOLVERS
00_LISTS_TORNODES
- http://www.sectoor.de/tor.php
https://www.dan.me.uk/dnsbl
https://0spam.org/
clear information on usage policy
nbl.0spam.org Network Black List | Spam Source Networks, high volume of spam trap hits in a Class C block will result in network listings in this DNSBL.
url.0spam.org URL Black List | This list contains the IP address of domains found to be in the source of spam emails found in our traps.
return codes not very clear
- http://anticaptcha.net/
- http://blacklist.lashback.com/
- http://ubl.unsubscore.com
- http://blacklist.woody.ch/rblcheck.php3
- http://cbl.abuseat.org/
- http://dnsbl.burnt-tech.com/
- http://dnsbl.iip.lu/
- http://dnsbl.inps.de/
- http://dnsbl.tornevall.org/
+ https://abuse.ro/
+ policy
+ spamtraps
+ The last IP address before destination in the email headers is listed into rbl.abuse.ro list.
+ Sender domains are analyzed and if confirmed to be not spoofed, are listed into dbl.abuse.ro list
+ Spamvertized domains (including those indirectly linked through services like bit.ly) are listed into uribl.abuse.ro list
http://dronebl.org/
- http://mailspike.net/usage.html
+ usage policy is clear: free for whatever
+ listing policy is not quite so clear
+ can be mostly inferred from the classes but not entirely clear IMHO
+ has an IRC channel
+ return codes
+ not explicitly mentioned but it’s 127.0.0.X where X is the class from https://dronebl.org/classes
http://psbl.org/
query zone: psbl.surriel.com
- http://rbl.dns-servicios.com/rbl.php
- http://rbl.schulte.org/
+ no usage policy, but seems implied that usage is free
+ listing policy
+ no explicit, complete policy given but sending to spamtraps is mentioned to get you listed and seems the exclusive mechanism
+ return codes
+ not documented, probably only boolean
http://rbldata.interserver.net/
- may be dead: http://www.blalert.com/dnsbl/rbl.interserver.net
- http://relaytest.kundenserver.de/
+ listing policy more or less clear
+ usage policy not given but since usage is explained it’s probably free for all
+ return codes seem to be binary, i.e. either listed or not
+ lists IPs
+ lists domains/URIs
http://rv-soft.info/
- http://spamcannibal.org/dnsbl_check.shtml
+ usage policy not explicit but seems to be free
+ listing policy also not explicit but can be inferred from return code explanation
+ return codes are explained
http://spamrats.com/
- http://spamstinks.com/
- http://st.technovision.dk/
+ clear usage policy (ToS)
+ listing policies documented
+ return codes of aggregated list documented
+ lists IPs
http://tor.efnet.org/
http://rbl.efnetrbl.org/ MIRROR
http://v4bl.org/
http://www.justspam.org/
http://www.kempt.net/dnsbl/
http://www.leadmon.net/spamguard/
- http://www.rbl.jp/allrbl-e.html
http://www.spamcop.net/
good policy
good reputation
sensible policy
http://www.srntools.com/blacklist/
http://www.uceprotect.net/en/index.php
- http://www.usenix.org.uk/content/rbl.html
- http://zapbl.net/
https://bl.konstant.no/
https://choon.net/rbl.php
- https://puck.nether.net/or/
- might be good
- https://rbl.foobar.hu/
https://www.abuse.ch/
https://www.abuse.ch/?tag=httpbl
https://www.kisarbl.or.kr/
https://www.team-cymru.org/Services/Bogons/dns.html
http://mailspike.net/usage.html
reputation-based
- http://www.spamhauswhitelist.com/en/
- policies for listing and usage on the website
http://www.whitelisted.org/
paid subscription
policy on site
https://puck.nether.net/or/
policies on website
- https://rbl.foobar.hu/
- usage and listing policies on website
http://www.isipp.com/email-accreditation/iadb-query-instruction/
requires signup
- https://choon.net/rbl.php
not quite a usage policy, but seems ok
strange split of ipv4 and ipv6
seems dead?
- https://www.dnswl.org/
projects / user / henk / docs / dnsbl_notes.git / blobdiff