When dealing with DNS-based white- and blacklists at significant volume, it is important to know which nameserver is actually being used – and it is often not trivial to identify this: The “inside” IP you see may be different from the IP(s) seen from the outside, or there may be several hops between the nameserver you are querying and the one seen from the Internet.
(Update 2017-10-09 16:00 – added rspamd)
At the M3AAWG meeting (see previous post) there was considerable interest in the proposal on domain-based whitelisting information. However there is no operational experience which would allow anyone to see how this would perform.
Now you can test 🙂 Continue reading “Whitelisting DKIM-signed domains”
At the 41st M3AAWG meeting in Toronto, we got the opportunity to present the dnswl.org project to a wider community.
The slides linked below were shown – please let us know if you have any questions or further input.
I hope we will be back for the M3AAWG meeting in Munich next year.
dnswl.org will remove a workaround-file for Postfix < 2.8 from download on August 31st 2017. Continue reading “Removal of workaround-file for Postfix < 2.8 from download (updated)"
TL;DR: There are over 500’000 legitimate mailservers on the Internet. If you are not managing the IPs of your own mailservers at dnswl.org yet, you should do it!
TL;DR: Sign up to the dnswl.org Self Service and start managing the reputation of your IPs.
dnswl.org limits the use of the public nameserver infrastructure to those doing fewer than 100’000 lookups per 24 hours and to non-commercial use (see here for details). Continue reading “Enforcement of dnswl.org access limits”
For historical reasons, the website to manage subscriptions to dnswl.org data was using a separate website (and “separate-everything”). Over the past months we worked to integrate this into the more generic Self Service. Continue reading “Subscription website moved into Self Service”
Since the dnswl.org Self Service went live in mid December 2015, we got over 1’000 Self Service user signups, and these users created over 3’000 Change Requests. Of course we are happy about the great up-take of the Self Service in the community.
For years, an unknown number of users behind TOR exit nodes have been abusing dnswl.org resources. Apparently for every email they receive, they query dnswl.org via the web, using the search interface open to all users. This causes considerable load on our webservers, the database servers, and our network infrastructure, sometimes causing significant delays for legitimate users.