“Who am I”?

When dealing with DNS-based white- and blacklists at significant volume, it is important to know which nameserver is actually being used – and it is often not trivial to identify this: The “inside” IP you see may be different from the IP(s) seen from the outside, or there may be several hops between the nameserver you are querying and the one seen from the Internet.

Continue reading ““Who am I”?”

Users behind TOR abusing dnswl.org resources

For years, an unknown number of users behind TOR exit nodes have been abusing dnswl.org resources. Apparently for every email they receive, they query dnswl.org via the web, using the search interface open to all users. This causes considerable load on our webservers, the database servers, and our network infrastructure, sometimes causing significant delays for legitimate users.

Continue reading “Users behind TOR abusing dnswl.org resources”