RBL
| (2 intermediate revisions by 2 users not shown) | |||
| Line 3: | Line 3: | ||
| A typical RBL server is a very simple purpose-oriented [[DNS]] server which returns "no answer" if the IP being fed to it isn't on its list, and returns a special answer - usually 127.0.0.2 - if the IP is found.  In order to check against the RBL, the IP is deconstructed and put together backwards in front of the RBL server's domain name - for example, in order to check the IP address 1.2.3.4 against the fictitious RBL server rbl.spammersarebad.net, you would try to resolve the URL 4.3.2.1.rbl.spammersarebad.net. | A typical RBL server is a very simple purpose-oriented [[DNS]] server which returns "no answer" if the IP being fed to it isn't on its list, and returns a special answer - usually 127.0.0.2 - if the IP is found.  In order to check against the RBL, the IP is deconstructed and put together backwards in front of the RBL server's domain name - for example, in order to check the IP address 1.2.3.4 against the fictitious RBL server rbl.spammersarebad.net, you would try to resolve the URL 4.3.2.1.rbl.spammersarebad.net. | ||
| − |   server# '''dig  | + |   server# '''dig +short A 4.3.2.1.rbl.spammersarebad.net''' | 
|   127.0.0.2 |   127.0.0.2 | ||
| Aha - the RBL returned 127.0.0.2, so it looks like the IP address 1.2.3.4 is on their list.  Most RBLs will give you a little information about what's on their list, if you query them for a TXT record.  Usually, the TXT record gives you an URL for a webpage which will tell you more about the list, whether or not the IP is still listed, and possibly (but possibly not) something about why it's listed or for how long it is scheduled to remain listed. | Aha - the RBL returned 127.0.0.2, so it looks like the IP address 1.2.3.4 is on their list.  Most RBLs will give you a little information about what's on their list, if you query them for a TXT record.  Usually, the TXT record gives you an URL for a webpage which will tell you more about the list, whether or not the IP is still listed, and possibly (but possibly not) something about why it's listed or for how long it is scheduled to remain listed. | ||
| − |   server# '''dig  | + |   server# '''dig +short TXT 4.3.2.1.rbl.spammersarebad.net''' | 
|   "Blocked - see <nowiki>http://rbl.spammersarebad.net/bl.shtml?1.2.3.4</nowiki>" |   "Blocked - see <nowiki>http://rbl.spammersarebad.net/bl.shtml?1.2.3.4</nowiki>" | ||
| By comparison, if we ask about an address that isn't on the list, we get no answer at all for either A or TXT records: | By comparison, if we ask about an address that isn't on the list, we get no answer at all for either A or TXT records: | ||
| − |   server# '''dig  | + |   server# '''dig +short A 5.4.3.2.rbl.spammersarebad.net''' | 
| − |   server# '''dig  | + |   server# '''dig +short TXT 5.4.3.2.rbl.spammersarebad.net''' | 
|   server# |   server# | ||
| See also [[Mail toaster]], a freebsdwiki.net special configuration of [[Qmail]] and several other mail applications which includes built-in RBL filtering. | See also [[Mail toaster]], a freebsdwiki.net special configuration of [[Qmail]] and several other mail applications which includes built-in RBL filtering. | ||
| − | [[Category:FreeBSD Terminology]] | + | [[Category:FreeBSD Terminology]][[Category:DNS]] | 
Latest revision as of 17:19, 21 June 2007
RBL is an acronym for Real-time Black-hole List - a list of IP addresses and/or URLs that nobody wants anything to do with, updated constantly in (you guessed it) real time. RBL's are most frequently used to filter out various types of spam, including the "traditional" email variety as well as the newer but increasingly more problematic comment spam.
A typical RBL server is a very simple purpose-oriented DNS server which returns "no answer" if the IP being fed to it isn't on its list, and returns a special answer - usually 127.0.0.2 - if the IP is found. In order to check against the RBL, the IP is deconstructed and put together backwards in front of the RBL server's domain name - for example, in order to check the IP address 1.2.3.4 against the fictitious RBL server rbl.spammersarebad.net, you would try to resolve the URL 4.3.2.1.rbl.spammersarebad.net.
server# dig +short A 4.3.2.1.rbl.spammersarebad.net 127.0.0.2
Aha - the RBL returned 127.0.0.2, so it looks like the IP address 1.2.3.4 is on their list. Most RBLs will give you a little information about what's on their list, if you query them for a TXT record. Usually, the TXT record gives you an URL for a webpage which will tell you more about the list, whether or not the IP is still listed, and possibly (but possibly not) something about why it's listed or for how long it is scheduled to remain listed.
server# dig +short TXT 4.3.2.1.rbl.spammersarebad.net "Blocked - see http://rbl.spammersarebad.net/bl.shtml?1.2.3.4"
By comparison, if we ask about an address that isn't on the list, we get no answer at all for either A or TXT records:
server# dig +short A 5.4.3.2.rbl.spammersarebad.net server# dig +short TXT 5.4.3.2.rbl.spammersarebad.net server#
See also Mail toaster, a freebsdwiki.net special configuration of Qmail and several other mail applications which includes built-in RBL filtering.
