Comparison of DNS blacklists
From Wikipedia, the free encyclopedia
 |
Please help improve this article or section by expanding it. Further information might be found on the talk page or at requests for expansion. This article has been tagged since January 2007. |
The following table lists technical information for a number of DNS blacklists.
| Blacklist operator | DNS blacklist | Informational URL | Zone | Listing goal | Nomination | Listing lifetime | Notes |
|---|---|---|---|---|---|---|---|
| Spam and Open Relay Blocking System (SORBS) | dnsbl | [1] | dnsbl.sorbs.net | Unsolicited bulk/commercial email senders | N/A (See individual zones) | N/A (See individual zones) | Aggregate zone (all aggregates and what they include are listed on [2]) |
| http.dnsbl | http.dnsbl.sorbs.net | Open HTTP proxy servers | Feeder servers | Until delisting requested. | |||
| socks.dnsbl | socks.dnsbl.sorbs.net | Open SOCKS proxy servers | Feeder servers | Until delisting requested. | |||
| misc.dnsbl | misc.dnsbl.sorbs.net | Additional proxy servers | Feeder servers | Until delisting requested. | Those not already listed in the HTTP or SOCKS databases | ||
| smtp.dnsbl | smtp.dnsbl.sorbs.net | Open SMTP relay servers | Feeder servers | Until delisting requested. | |||
| web.dnsbl | web.dnsbl.sorbs.net | IP addresses with vulnerabilities that are exploitable by spammers (e.g. FormMail scripts) | Feeder servers | Until delisting requested or Automated Expiry | |||
| new.spam.dnsbl | new.spam.dnsbl.sorbs.net | Hosts that have sent spam to the admins of SORBS in the last 48 hours | SORBS Admin and Spamtrap | Renewed every 20 minutes based inclusion in on 'spam.dnsbl.sorbs.net' | |||
| recent.spam.dnsbl | recent.spam.dnsbl.sorbs.net | Hosts that have sent spam to the admins of SORBS in the last 28 days | SORBS Admin and Spamtrap | Renewed every 20 minutes based inclusion in on 'spam.dnsbl.sorbs.net' | |||
| old.spam.dnsbl | old.spam.dnsbl.sorbs.net | Hosts that have sent spam to the admins of SORBS in the last year | SORBS Admin and Spamtrap | Renewed every 20 minutes based inclusion in on 'spam.dnsbl.sorbs.net' | |||
| spam.dnsbl | spam.dnsbl.sorbs.net | Hosts that have sent spam to the admins of SORBS at any time | SORBS Admin and Spamtrap. | Until delisting requested or matter resolved | |||
| escalations.dnsbl | escalations.dnsbl.sorbs.net | Netblocks of service providers believed to support spammers | SORBS Admin fed. | Until delisting requested and matter resolved. | Service providers are added on receipt of a 'third strike' spam | ||
| block.dnsbl | block.dnsbl.sorbs.net | Hosts demanding that they never be tested | Request by host | N/A | |||
| zombie.dnsbl | zombie.dnsbl.sorbs.net | Hijacked networks | SORBS Admin (manual submission) | Until delisting requested. | |||
| dul.dnsbl | dul.dnsbl.sorbs.net | Dynamic IP address ranges | SORBS Admin (manual submission) | Until delisting requested. | Not a list of dial-up IP addresses | ||
| rhsbl | rhsbl.sorbs.net | Aggregate RHS zones | N/A | N/A | |||
| badconf.rhsbl | badconf.rhsbl.sorbs.net | Domains with invalid A or MX records in DNS | Open submission via automated testing page. | Until delisting requested. | |||
| nomail.rhsbl | nomail.rhsbl.sorbs.net | Domains which the owners have confirmed will not be used for sending email | Owner submission | Until delisting requested. | |||
| Spamhaus | SBL Advisory | [3] | sbl.spamhaus.org | Verified sources of spam, including spammers and their support services | Manual | From 30 minutes to a year or more, depending on issue and resolution | |
| XBL Advisory | [4] | xbl.spamhaus.org | Illegal third-party exploits (e.g. open proxies and Trojan Horses) | Third-party (see Notes) with automated additions | Varies, under a month. | Includes the Composite Blocking List and parts of the Not Just Another Bogus List | |
| PBL Advisory | [5] | pbl.spamhaus.org | All dialup & DHCP IP address space that is not meant to be initiating SMTP connections | Manual | Unknown | Looks to be a modern version of the original MAPS DUL and Wirehub Dynablocker lists | |
| SBL+XBL | [6] | sbl-xbl.spamhaus.org | A single lookup for querying the SBL and XBL databases | ||||
| Zen | [7] | zen.spamhaus.org | A single lookup for querying the SBL, XBL and PBL databases. | The one to use to get all. | |||
| ORBITrbl Aggressive RBL | RBL | [8] | rbl.orbitrbl.com | Unsolicited bulk/Commercial email senders (Block Class C IP Block) | Feeder servers | Until delisting requested? (Only When Found to be Non Spam Source) | Aggregate zone |
| Composite Blocking List | CBL | [9] | cbl.abuseat.org | Only IPs exhibiting characteristics specific to open proxies, spamware, etc. | large spamtraps | Temporary, until spam stops | Imported by Spamhaus. Use ZEN instead, includes CBL. |
| Passive Spam Block List | PSBL | [10] | psbl.surriel.com | IP addresses which send spam to trap | spamtraps | Temporary, until spam stops | |
| Weighted Private Block List | WPBL | [11] | db.wpbl.info | IP addresses which send UBE to members | spamtraps | Temporary, until spam stops | |
| SpamCop Blocking List | SCBL | [12] | bl.spamcop.net | IP addresses which have transmitted reported email to SpamCop users | users submit | Temporary, until spam stops | |
| Distributed Sender Blackhole List | list.DSBL.org | [13] | list.dsbl.org | all single hop relays | tested by trusted testers | until de-listing requested | explanation of test methods |
| multihop.DSBL.org | multihop.dsbl.org | the outputs of multihop relays | tested by trusted testers | until de-listing requested | explanation of test methods | ||
| unconfirmed.DSBL.org | unconfirmed.dsbl.org | all the output servers | tested by untrusted and anonymous testers | until de-listing requested | explanation of test methods |
