X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=dnslists.otl;h=da12cc71b3326edd558d30219fed3f1a5c442378;hb=a8ebbbc533e9d09fed5d211d48c6067ede496dcd;hp=6e5877643cd6db5cb4bf78e35cf73b433a926036;hpb=4c6044b8e7261f564be93f8360692bd04449407e;p=user%2Fhenk%2Fdocs%2Fdnsbl_notes.git

diff --git a/dnslists.otl b/dnslists.otl
index 6e58776..da12cc7 100644
--- a/dnslists.otl
+++ b/dnslists.otl
@@ -1,6 +1,9 @@
 TODO
 	check and link (de)listing policy
 		NOGO: delisting for money
+		how long does automatic delisting take?
+			7d is already quite long
+			anything >7d seems excessive and should probably not be used
 	check and link usage policy
 	check and link return codes
 	find newsfeed or mailinglist
@@ -201,6 +204,36 @@ TODO
 	http://virbl.bit.nl/
 		https://www.rollernet.us/2017/01/shutdown-of-virbl-dnsbl-bit-nl/
 			January 23, 2017: Â»The Virbl-project site has been replaced by this static message to inform those that find their ways here. The Virbl DNSBL-zone was emptied and will be removed all together at a moment further on in the future.Â«
+	http://www.blocklist.de/en/index.html
+		lots of timeouts as of 2023
+		forum link is dead, among others
+		seems unmaintained but alive
+		latest news is from 2016
+		latest blog entry from 2022
+			Abusix, a network security company for mail security and abuse report handling, takes over blocklist.de to integrate it within its Abusix platform to further improve its data quality.
+	http://www.emailbasura.org/cgi-bin/emailbasura-ini.pl?lang=eng
+		placeholder/parked?
+	http://www.leadmon.net/spamguard/
+		website times out
+	http://www.srntools.com/blacklist/
+		redirects to comodo.com subdomain where I canât find any information about a DNSBL
+	https://bl.konstant.no/
+		https://docs.hetrixtools.com/bl-konstant-no-unresponsive-removed/
+			[July 29, 2022] This RBL has become unresponsive, and weâve removed it from our system until it returns to functioning normally again.
+	https://www.megarbl.net/
+		connection times out
+		https://www.blalert.com/dnsbl/rbl.megarbl.net
+			Â»This blacklist is marked as inactive and is not being checked at the moment. We will be tracking it to see if it goes to normal again.Â«
+	https://www.kisarbl.or.kr/
+		canât find information about it
+		website redirects to https://spam.kisa.or.kr/ which gives a 404
+	https://www.abuse.ch/
+		old, defunct link: https://www.abuse.ch/?tag=httpbl
+		does not seem to have a DNSBL (anymore)
+			might be incorporated into spamhaus?
+		does host other databases about threats
+	https://puck.nether.net/or/
+		website is dead
 00_NEEDS_RECHECK
 	https://antispam.imp.ch/
 		no usage policy
@@ -273,6 +306,24 @@ TODO
 	00_E_EVIL
 		sbl.nszones.com
 			http://www.spamhaus.org/organization/statement/008/fake-dnsbl-uncovered-nszones.com
+		http://www.backscatterer.org/
+			questionable policy - pay for (quicker) delisting
+			https://support.hornetsecurity.com/hc/en-us/articles/360011880797-Why-are-Hornetsecurity-IP-addresses-listed-at-Backscatterer-
+				as of December 29, 2021: Â»The removal at the blacklist backscatterer.org can only be done for a feeÂ«
+			https://www.warmy.io/blog/backscatterer-blacklist-how-to-remove-your-ip-from-it
+				in March 17, 2023 does not mention need to pay
+			https://support.forcepoint.com/s/article/Forcepoint-IP-s-blocklisted-by-UCEProtect-and-Backscatterer-org
+				recommend against using it
+			https://whatismyipaddress.com/backscatterer
+				mentions strict delisting process and "express delisting" but nothing further
+			https://bobcares.com/blog/backscatterer-blacklist/
+				goes through the process with screenshots showing express delisting for 109$
+			https://community.cisco.com/t5/email-security/issues-with-www-backscatterer-org-any-one/td-p/1298377
+				more opinions
+			https://www.titanhq.com/blog/warning-ignore-pay-for-de-listing-blacklist-service/
+				Jan 17th, 2020: Â»UCEProtect also charges a delisting fee. TitanHQ discourages email administrators from using the UCEProtect blacklist and we do not recommend paying for list removalÂ«
+			https://web.archive.org/web/20150320180344/http://www.jvfconsulting.com/blog/130/Backscatterer_Network_Spam_List_Is_Another_UCEPROTECT_Extortion_Scam.html
+				another opinion
 	00_E_INFORMATION
 		blacklist.sci.kun.nl
 			https://cncz.science.ru.nl/en/howto/email-spam/
@@ -330,6 +381,16 @@ TODO
 			no usage policy found
 			no listing policy found
 			no return code explanation found
+		http://www.blockedservers.com/
+			no usage policy
+			no listing policy
+			no documentation
+			"funny":
+				No rights given; all rights are in the dumpster; Copyleft 2012 - 3013 - page generated in 0.009843111038208 secs
+		https://choon.net/dnsbl.php
+			no usage policy or instructions
+			no listing policy
+			only automatic delisting after 30 days
 	00_E_PAID
 	00_E_PRIVATE
 		88.blacklist.zap
@@ -421,6 +482,8 @@ TODO
 			https://www.spamhaus.org/organization/dnsblusage/
 		listing policies are clearly documented
 		return codes are clearly documented
+		history of grandeur and retaliation listings
+			https://www.heise.de/hintergrund/Spam-Golem-291396.html
 	http://www.surbl.org/
 		good reputation
 		lists domains/URIs
@@ -533,39 +596,73 @@ TODO
 		listing policy not really clear
 		return codes documented
 	http://wpbl.info/
+		listing procedure is documented
+		usage policy implied: free to use
+		return codes documented
 	http://www.aupads.org/
-	http://www.backscatterer.org/
-		fragwuerdige policy - bezahlen fuer schnelleres delisting
-	http://www.blockedservers.com/
-	http://www.blocklist.de/en/index.html
-	http://www.emailbasura.org/cgi-bin/emailbasura-ini.pl?lang=eng
+		aka www.antispam-ufrj.pads.ufrj.br
+		aka www.orve.org 
+		listing policy more or less clear
+		lists IPs and FQDNs
+		usage policy seems clear: freely exported by anybody who wants to use themÂ«
 	http://www.gbudb.com/truncate/
+		listing policy
+		usage policy seems implied: free use
+		return codes documented
+		Â»Truncate is very conservative. On most systems it can be safely used to reject connections!Â«
 	http://www.justspam.org/
+		listing policy documented
+			warning: relies on listings in other DNSBLs! also for delisting!
+		usage policy clear
+		return codes: binary
 	http://www.kempt.net/dnsbl/
-	http://www.leadmon.net/spamguard/
+		listing policy documented
+		usage policy documented
+		return codes undocumented
 	http://www.spamcop.net/
-		good policy
+		listing policy documented
+			The SCBL is aggressive and often errs on the side of blocking mail
+		usage policy is: free
 		good reputation
+		return codes documented
 	http://www.spamsources.fabel.dk/
-		sensible policy
-	http://www.srntools.com/blacklist/
+		usage policy is: free
+		listing policy seems clear
+		lists IPs
 	http://www.uceprotect.net/en/index.php
-	https://bl.konstant.no/
-	https://choon.net/rbl.php
-	https://www.abuse.ch/
-		https://www.abuse.ch/?tag=httpbl
-	https://www.kisarbl.or.kr/
-	https://www.megarbl.net/
-	https://www.team-cymru.org/Services/Bogons/dns.html
-	http://mailspike.net/usage.html
-		reputation-based
+		takes money for faster delisting
+		listing policy is documented
+		usage policy is documented: free
+		a lot of drama
+			https://www.heise.de/hintergrund/Spam-Golem-291396.html
+				german
+				also see comments
+			https://news.admin.net-abuse.email.narkive.com/boJTu7JC/claus-v-wolfhausen-harasement
+			https://www.linode.com/community/questions/2324/uceprotectnet-has-us-blacklisted
+			https://uceprotect.wtf/
+			https://www.aaroncake.net/misc/showthought.asp?thought=57
+			https://www.dnsbl.com/search/label/claus%20v.%20wolfhausen
+			https://wordtothewise.com/2018/06/another-day-another-dead-blacklist/
+			https://community.spiceworks.com/topic/2170592-uceprotect-blacklist-scam
+			http://kontech.net/uceprotect-blacklist-scheme-2020/
 	http://www.whitelisted.org/
 		paid subscription
 		policy on site
-	https://puck.nether.net/or/
-		policies on website
-	http://www.isipp.com/email-accreditation/iadb-query-instruction/
-		requires signup
-		not quite a usage policy, but seems ok
-		strange split of ipv4 and ipv6
-		seems dead?
+		related to uceprotect, see there
+	https://www.team-cymru.org/Services/Bogons/dns.html
+		good reputation
+		lists IPs
+		does not list spammers but bogons
+		clear listing policy
+		usage policy not quite clear ATM
+		return codes documented: binary
+	http://mailspike.net/usage.html
+		lists IPs
+		response codes according to their reputation, both positive and negative
+		listing policy documented
+		usage policy documented
+	https://www.isipp.com/for-isps/iadb-query/
+		usage policy seems clear: It is free to query all of the IADB, IADB2, and WADB.
+		not quite a whitelist but closer to whitelist than blacklist
+		listing policy seems to be: get certified by them (for a fee) https://www.isipp.com/email-accreditation/faq/#pricing
+		response codes are documented