Wandering Thoughts archives


Checking for dead DNSBls

Another Saturday, another spam entry. Today I decided to look at our logs to see if some of the DNSBls we check had either gone away or weren't giving us any hits. Since our software checks DNSBls in sequence instead of in parallel, removing useless DNSBls both reduces query volume and speeds things up slightly.

(In general, it's wise to do this periodically unless you're current on news.admin.net-abuse.email and other information sources, and already know about any changed or decommissioned DNSbls.)

This time around, I didn't find any. The closest to not being used is opm.blitzed.org, with dnsbl.njabl.org and relays.ordb.org as runners-up, but I decided not to remove any of them.

I also considered shuffling the order of the checks, but decided against it on policy reasons. I would rather reject a SMTP connection for a clear neutral reason like 'open proxy' rather than something more contentious, like 'listed in Spews', even if being listed in Spews is several times more likely than being listed in opm.blitzed.org. So opm.blitzed.org stays before Spews in our checks.

This isn't a completely loss; although I wasn't able to remove anything and this blog entry is a bit boring as a result, at least I checked.

Read more »

spam/CheckingDNSBls written at 02:29:52; Add Comment

Page tools: See As Normal.
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.