Re: Detecting and disabling bad DNSBLs
Steve Linford <linford@spamhaus.org> Sat, 15 November 2008 09:00 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1F9AB28C102; Sat, 15 Nov 2008 01:00:10 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7DC3328C102 for <ietf@core3.amsl.com>; Sat, 15 Nov 2008 01:00:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.819
X-Spam-Level:
X-Spam-Status: No, score=-10.819 tagged_above=-999 required=5 tests=[AWL=0.080, BAYES_00=-2.599, RCVD_IN_BSP_TRUSTED=-4.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id USd4WfDkQjcj for <ietf@core3.amsl.com>; Sat, 15 Nov 2008 01:00:08 -0800 (PST)
Received: from smtp-ext-layer.spamhaus.org (ns8.spamhaus.org [82.94.216.239]) by core3.amsl.com (Postfix) with ESMTP id 8264A28C0F1 for <ietf@ietf.org>; Sat, 15 Nov 2008 01:00:08 -0800 (PST)
Mime-Version: 1.0 (Apple Message framework v753.1)
In-Reply-To: <491E8B50.3030301@peter-dambier.de>
References: <e0c581530811140931t23f85aa9w9629a8aa2bc9f26@mail.gmail.com> <C0F2465B4F386241A58321C884AC7ECC0961B8DB@E03MVZ2-UKDY.domain1.systemhost.net> <e0c581530811141103y1b831a2ag396bd06823db08cf@mail.gmail.com> <491DD91A.5090507@network-heretics.com> <e0c581530811141308g4eba52fj2cab489787fa0f85@mail.gmail.com> <20081115000422.GL25117@mit.edu> <491E16EF.70901@nortel.com> <491E8B50.3030301@peter-dambier.de>
From: Steve Linford <linford@spamhaus.org>
Subject: Re: Detecting and disabling bad DNSBLs
To: ietf@ietf.org
X-Local-MTA-Info:
X-Mime-Info: text/plain
Message-ID: <A.1L1H0h-000FiH-0v@smtp-ext-layer.spamhaus.org>
Date: Sat, 15 Nov 2008 09:00:07 +0000
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes"
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
The standard is to query the DNSBL's Loopback address, 127.0.0.2. If the Loopback address does not respond the DNSBL is either shutting down or it's defunct. You query the Loopback address like this (using our SBL as an example) and should get this answer: ;; QUERY: ;2.0.0.127.sbl.spamhaus.org. ;; ANSWER: 2.0.0.127.sbl.spamhaus.org. 900 IN A 127.0.0.2 2.0.0.127.sbl.spamhaus.org. 1800 IN TXT "http://www.spamhaus.org/SBL/sbl.lasso?query=SBL233" (if you get no answer to a 2.0.0.127.dnsbl query, the no answer means "it's dead Jim" or possibly "it's firewalling you Jim") Chris Lewis's excellent DNSBL BCP document also covers how to shut a DNSBL down properly. Regards, Steve Linford The Spamhaus Project http://www.spamhaus.org On 15 Nov 2008, at 09:41, Peter Dambier wrote: > Maybe I am a bit late with this idea. > > I remeber dns roots switching off and DNSBLs switching off. > > Users wont notice until broken - or not even then. > > The sysop has been fired. > > > There should be a means for the DNSBL to tell its client > > 1) I am not a DNS-server > > 2) I am going to switch off soon > > 3) There should be a serialnumber or timestamp on the DNSBL > to show when it has last been maintained. > > > When the client sees the wrong type of server it should > warn both the sysop and the user. Today it has no means > to decide so. > > Kind regards > Peter > > -- > Peter and Karin Dambier > Cesidian Root - Radice Cesidiana > Rimbacher Strasse 16 > D-69509 Moerlenbach-Bonsweiher > +49(6209)795-816 (Telekom) > +49(6252)750-308 (VoIP: sipgate.de) > mail: peter@peter-dambier.de > http://www.peter-dambier.de/ > http://iason.site.voila.fr/ > https://sourceforge.net/projects/iason/ > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www.ietf.org/mailman/listinfo/ietf _______________________________________________ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- Re: several messages der Mouse
- Re: several messages David Morris
- Re: several messages Dean Anderson
- Re: several messages Randy Presuhn
- Re: several messages David Morris
- Re: several messages Matthias Leisi
- Re: several messages Steve Linford
- Re: several messages Peter Dambier
- Re: several messages Steve Linford
- Re: several messages Keith Moore
- Re: several messages der Mouse
- Re: several messages Chris Lewis
- Re: several messages Mark Andrews
- Re: several messages der Mouse
- Re: several messages Chris Lewis
- Re: several messages David Romerstein
- Re: several messages Randy Presuhn
- Re: several messages Chris Lewis
- Re: several messages David Romerstein
- Re: several messages David Romerstein
- Re: several messages Keith Moore
- Re: several messages Chris Lewis
- Re: several messages Al Iverson
- More anti-spam (was: Re: several messages) John C Klensin
- RE: several messages michael.dillon
- Re: several messages Matthias Leisi
- Re: several messages Mark Andrews
- Re: several messages David Morris
- Re: several messages Al Iverson
- Re: uncooperative DNSBLs, was several messages John Levine
- Re: uncooperative DNSBLs, was several messages Jim Hill
- Re: several messages John C Klensin
- Re: several messages Al Iverson
- RE: several messages Hallam-Baker, Phillip
- Re: uncooperative DNSBLs, was several messages Matthias Leisi
- Re: uncooperative DNSBLs, was several messages Al Iverson
- RE: several messages Anthony Purcell
- Re: uncooperative DNSBLs, was several messages Dave CROCKER
- Re: several messages der Mouse
- Re: uncooperative DNSBLs, was several messages Andrew Sullivan
- Re: uncooperative DNSBLs, was several messages David Romerstein
- Re: uncooperative DNSBLs, was several messages Jim Hill
- Re: several messages Chris Lewis
- Re: uncooperative DNSBLs, was several messages Chris Lewis
- Re: uncooperative DNSBLs, was several messages John C Klensin
- Re: uncooperative DNSBLs, was several messages Dave CROCKER
- Re: uncooperative DNSBLs, was several messages Tony Finch
- Re: uncooperative DNSBLs, was several messages Andrew Sullivan
- Re: uncooperative DNSBLs, was several messages John C Klensin
- Re: uncooperative DNSBLs, was several messages Matthias Leisi
- Re: uncooperative DNSBLs, was several messages Al Iverson
- Re: uncooperative DNSBLs, was several messages Andrew Sullivan
- Re: uncooperative DNSBLs, was several messages John C Klensin
- Re: uncooperative DNSBLs, was several messages Ted Hardie
- Re: uncooperative DNSBLs, was several messages Matthias Leisi
- Re: uncooperative DNSBLs, was several messages Ted Hardie
- Re: uncooperative DNSBLs, was several messages Tony Finch
- Context specific semantics was Re: uncooperative … Ted Hardie
- Clarifying harm to DNS (was: uncooperative DNSBLs… Andrew Sullivan
- Re: Context specific semantics was Re: uncooperat… Ted Hardie
- Re: uncooperative DNSBLs, IETF misinformation (wa… Steve Linford
- RE: Context specific semantics was Re: uncooperat… Hallam-Baker, Phillip
- Re: uncooperative DNSBLs, was several messages Peter Dambier
- Re: uncooperative DNSBLs, was several messages David Romerstein
- Re: uncooperative DNSBLs, was several messages Peter Dambier
- Re: uncooperative DNSBLs, was several messages Keith Moore
- Re: uncooperative DNSBLs, was several messages Chris Lewis
- RE: uncooperative DNSBLs, IETF misinformation (wa… michael.dillon
- Re: uncooperative DNSBLs, IETF misinformation (wa… Steve Linford
- RE: uncooperative DNSBLs, IETF misinformation (wa… michael.dillon
- Re: Context specific semantics was Re: uncooperat… Tony Finch
- Re: Context specific semantics was Re: uncooperat… John Levine
- RE: Context specific semantics was Re: uncooperat… Hardie, Ted
- RE: Context specific semantics was Re: uncooperat… Tony Finch
- Re: several messages Rich Kulawiec
- Re: uncooperative DNSBLs, was several messages Rich Kulawiec
- Re: uncooperative DNSBLs, IETF misinformation (wa… Al Iverson
- Re: Context specific semantics was Re: uncooperat… Ted Hardie
- RE: Context specific semantics was Re: uncooperat… Ted Hardie
- Re: several messages John C Klensin
- Re: several messages Al Iverson
- Re: Context specific semantics was Re: uncooperat… John L
- RE: uncooperative DNSBLs, IETF misinformation (wa… michael.dillon
- Re: uncooperative DNSBLs, IETF misinformation (wa… Al Iverson
- RE: uncooperative DNSBLs, IETF misinformation (wa… michael.dillon
- Re: several messages John C Klensin
- Re: several messages Chris Lewis
- Re: uncooperative DNSBLs, IETF misinformation (wa… Keith Moore
- Re: several messages Al Iverson
- RE: several messages michael.dillon
- Re: uncooperative DNSBLs, IETF misinformation (wa… Al Iverson
- Re: Context specific semantics was Re: uncooperat… Ted Hardie
- Re: Context specific semantics was Re: uncooperat… Douglas Otis
- Re: uncooperative DNSBLs, IETF misinformation (wa… Theodore Tso
- Re: Context specific semantics was Re: uncooperat… Theodore Tso
- Re: uncooperative DNSBLs, IETF misinformation (wa… Chris Lewis
- Re: more bad ideas, was uncooperative DNSBLs, was… John Levine
- Re: more bad ideas, was uncooperative DNSBLs, was… Chris Lewis
- Re: Context specific semantics was Re: uncooperat… John L
- Detecting and disabling bad DNSBLs Peter Dambier
- Re: Detecting and disabling bad DNSBLs Steve Linford
- Re: several messages Pekka Savola
- Re: more bad ideas, was uncooperative DNSBLs, was… Keith Moore
- Re: several messages Rich Kulawiec
- Is USA qualified for 2.3 of draft-palet-ietf-meet… YAO
- RE: [73attendees] Is USA qualified for 2.3 ofdraf… Song Haibin
- Re: several messages Tom.Petch
- Re: [73attendees] Is USA qualified for 2.3 of dra… Phillip Hallam-Baker
- Re: [73attendees] Is USA qualified for 2.3 of dra… james woodyatt
- Re: several messages John C Klensin