2005-07-03
Checking for dead DNSBls
Another Saturday, another spam entry. Today I decided to look at our logs to see if some of the DNSBls we check had either gone away or weren't giving us any hits. Since our software checks DNSBls in sequence instead of in parallel, removing useless DNSBls both reduces query volume and speeds things up slightly.
(In general, it's wise to do this periodically unless you're current
on news.admin.net-abuse.email and other information sources, and
already know about any changed or decommissioned DNSbls.)
This time around, I didn't find any. The closest to not being used is
opm.blitzed.org, with dnsbl.njabl.org and relays.ordb.org as
runners-up, but I decided not to remove any of them.
I also considered shuffling the order of the checks, but decided
against it on policy reasons. I would rather reject a SMTP connection
for a clear neutral reason like 'open proxy' rather than something
more contentious, like 'listed in Spews', even if being listed in
Spews is several times more likely than being listed in
opm.blitzed.org. So opm.blitzed.org stays before Spews in our
checks.
This isn't a completely loss; although I wasn't able to remove anything and this blog entry is a bit boring as a result, at least I checked.