You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Aaron Boyles <Bo...@ITC.GOV> on 2005/12/21 21:21:42 UTC

Public Blacklists?

On a side note, is anyone very familiar with any protocols involving public
blacklists?  I'm looking for the ability to simply toss an IP at a site
somewhere, and get a simple 'yes/no' response as to whether or not it's a
spam IP?
 
-Aaron Boyles
ITC Applications Programmer

Re: Public Blacklists?

Posted by Matt Kettler <mk...@evi-inc.com>.

Aaron Boyles wrote:
> On a side note, is anyone very familiar with any protocols involving
> public blacklists?  I'm looking for the ability to simply toss an IP at
> a site somewhere, and get a simple 'yes/no' response as to whether or
> not it's a spam IP?

All the common blacklists use DNS lookups, mostly A records in ptr-record style
reverse-dotted-quad format.

ie: if i wanted to check to see if 208.39.141.94 was listed in njabl.org I'd do
a DNS lookup of:

94.141.39.209.combined.njabl.org

if you get NXDOMAIN, then it's not listed.
if you get back a 127.0.0.* IP address it is listed, and the last octet is a
bitmask of which NJABL lists the IP is in.