English
+370 5 205 5502 sales@monovm.com

In this article, we will talk about Domain Name System BlackLists (DNSBL), Real-time Blackhole List and how they are used today.

30

Apr, 19

What is DNSBL and Why Use It?

Domain Name System BackLists (DNSBL) are spam blocking lists that allow system moderators to block messages from specific systems that have a history of sending spam.  As the name suggests, these lists are based on the Domain Name System (DNS) which converts numerical IP addresses into domain names. If the maintainer of the DNSBL receives spam from a specific domain name, that server would be blacklisted and all messages sent from it would either be flagged or rejected by any sites that uses the said list.

There are three basic components that make up a DNSBL:

  • A domain name to host it under
  • A server to host the aforementioned domain
  • A list of addresses that make up the blacklist

The first DNSBL was created by MAPS (i.e. Mail Abuse and Prevention System) in 1997. They called it the Real-time Blackhole List (RBL) and its original purpose was to block spam emails and educate ISPs and other websites on spam and its prevention. Nowadays, DNSBLs are rarely used for educational purposes, however, its primary purpose as a spam blocker and filter is being served to this day. In fact, nearly all email servers support at least one DNSBL in order to minimize the amount of junk mail their users receive.

More than 20 years have passed since the introduction of RBL, and since then, dozens of different blacklists have sprung up and are available for public use. They all have their own criteria of what they do and do not consider as spam, therefore all of them have their own lists. Because of this, DNSBLs vary vastly from one another. Some are way stricter than others, and some are much more lenient. There are DNS blacklists that list sites only for a set amount of time since the last received spam, while others are monitored and managed completely manually. In fact, some of the DNSBLs not only block the IP address of the website but even sometimes entire Internet Service Providers (ISPs) known to host spammers.

The variety of DNS blacklists available allows the user to choose the desired blacklists based on how well the DNSBL’s criteria for spam match with the user’s needs. Less lenient lists might allow some spam to be let through, but not block mis-identified non-spam messages and vice versa.