Posted to dev@httpd.apache.org by Jem Berkes <jb...@users.pc9.org> on 2005/07/19 08:29:35 UTC

DNSBL filtering for Apache

While I was thinking about Nick's suggestion for mod_rbl (blacklist lookups 
with mod_smtpd) I happened upon this idea, which is somewhat unrelated to 
the smtp project.

DNSBLs, the dominant form of real time blacklisting, are not specific to 
SMTP because this is just a way to publish lists of IP addresses. RHSBLs, 
which look up the address in an SMTP envelope, are specific to SMTP 
however.

Apache -- the HTTP side too -- would benefit from DNSBL support. Or does 
this already do this? For example, both the CBL and AHBL projects list IP 
addresses of hosts engaging in activities such as proxy hijacking and spam 
relaying. This means it would be useful for webmasters to be able to make 
use of the published DNSBL to deny access to http requests.

Because DNSBLs are an efficient way to publish lists, webmasters might 
start using a DNSBL lookup feature in Apache to limit abuse of say message 
forums, cgi scripts, proxy gateways. Currently, this has to be done by 
importing a complete list of IP addresses (often tens of megabytes) into a 
firewall script or Apache configuration.
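
The lookup described above, as an added example that is not part of the original post and is not code from Apache or mod_access_rbl: the client address is reversed, prefixed to the list's zone, and an A record inside 127.0.0.0/8 means "listed". The zone name, the sample answers and all function names are constructed for illustration; a lookup failure is treated as "not listed" here.

```python
import ipaddress
import socket

# Answers inside 127.0.0.0/8 are listing codes; anything else is not a listing.
LISTING_NET = ipaddress.ip_network("127.0.0.0/8")
# Internal clients are never sent to a third-party list.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def dnsbl_query_name(client_ip, zone):
    """Reversed IPv4 octets (or IPv6 nibbles) followed by the list's zone."""
    addr = ipaddress.ip_address(client_ip)
    # reverse_pointer is e.g. "10.2.0.192.in-addr.arpa"; drop the arpa suffix.
    reversed_labels = addr.reverse_pointer.rsplit(".", 2)[0]
    return f"{reversed_labels}.{zone.strip('.')}"

def system_resolver(name):
    """A records for name via the OS resolver; [] on NXDOMAIN or failure."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def dnsbl_hits(client_ip, zones, resolve=system_resolver):
    """Return [(zone, listing_code), ...] for every list that has the client."""
    addr = ipaddress.ip_address(client_ip)
    if any(addr in net for net in INTERNAL_NETS):
        return []
    hits = []
    for zone in zones:
        for answer in resolve(dnsbl_query_name(client_ip, zone)):
            if ipaddress.ip_address(answer) in LISTING_NET:
                hits.append((zone, answer))
    return hits

def access_decision(client_ip, zones, resolve=system_resolver):
    """HTTP status the server would return: 403 if listed, otherwise 200."""
    return 403 if dnsbl_hits(client_ip, zones, resolve) else 200

# Constructed sample data: a fake zone standing in for real DNS answers.
ZONES = ["dnsbl.example.org"]  # placeholder zone, not a real list
FAKE_ZONE = {
    "10.2.0.192.dnsbl.example.org": ["127.0.0.2"],    # listed
    "20.2.0.192.dnsbl.example.org": ["203.0.113.7"],  # bogus non-listing answer
}
def fake_resolver(name):
    return FAKE_ZONE.get(name, [])

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "192.0.2.30", "10.1.2.3"):
        print(ip, access_decision(ip, ZONES, fake_resolver))
```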



Re: DNSBL filtering for Apache

Posted by Jem Berkes <jb...@users.pc9.org>.
> Apache -- the HTTP side too -- would benefit from DNSBL support. Or does
> this already do this? For example, both the CBL and AHBL projects list
> IP addresses of hosts engaging in activities such as proxy hijacking and
> spam relaying. This means it would be useful for webmasters to be able
> to make use of the published DNSBL to deny access to http requests.

Gosh, it already exists thanks to Blars Blarson
http://www.blars.org/mod_access_rbl.html

I wonder if the existing module can somehow be used for mod_smtpd as well? 
I'm still not familiar with enough 2.x style modules to know if that would 
work somehow.