(Update 2017-10-09 16:00 – added rspamd)
At the M3AAWG meeting (see previous post) there was considerable interest in the proposal on domain-based whitelisting information. However there is no operational experience which would allow anyone to see how this would perform.
Now you can test 🙂 Continue reading “Whitelisting DKIM-signed domains”
At the 41st M3AAWG meeting in Toronto, we got the opportunity to present the dnswl.org project to a wider community.
The slides linked below were shown – please let us know if you have any questions or further input.
M3AAWG Toronto Slides
I hope we will be back for the M3AAWG meeting in Munich next year.
dnswl.org limits the use of the public nameserver infrastructure to those doing fewer than 100’000 lookups per 24 hours and to non-commercial use (see here for details). Continue reading “Enforcement of dnswl.org access limits”
For historical reasons, the website to manage subscriptions to dnswl.org data was using a separate website (and “separate-everything”). Over the past months we worked to integrate this into the more generic Self Service. Continue reading “Subscription website moved into Self Service”
Since the dnswl.org Self Service went live in mid December 2015, we got over 1’000 Self Service user signups, and these users created over 3’000 Change Requests. Of course we are happy about the great up-take of the Self Service in the community.
Continue reading “1’000 Self Service users, 3’000 Change Requests”
For years, an unknown number of users behind TOR exit nodes have been abusing dnswl.org resources. Apparently for every email they receive, they query dnswl.org via the web, using the search interface open to all users. This causes considerable load on our webservers, the database servers, and our network infrastructure, sometimes causing significant delays for legitimate users.
Continue reading “Users behind TOR abusing dnswl.org resources”
As of Nov 30 2015, there is a slight change to the PGP key we use for signing the download files – there is no more expiration date on that key. Private key and fingerprint remain unchanged.
The updated key can be downloaded here.
Starting in early November 2014, we took some additional measures to enforce the query limit on our free nameserver infrastructure of 100’000 queries per 24 hours per organisation. As a result, some people may get a “blocked” result in their spamfilter setup.
Continue reading ““Am I Blocked?””
dnswl.org has gradually improved the level of IPv6 support over the past months. The easy part is offering services over IPv6:
- Most public websites are accessible over IPv6 (since well over a year)
- Incoming and outgoing mails may pass through IPv6
- Nameservers for both the dnswl.org and list.dnswl.org zones have a healthy mix of IPv4 and IPv6 (and georedundancy etc)
- Monitoring adapted to include (hopefully) all services which are also offered over IPv6
- As a general rule, and wherever available, internal communication between dnswl.org servers happens over IPv6
Continue reading “Improving dnswl.org IPv6 support”