How to subscribe

Users doing more than 100’000 DNS queries per 24 hours on our public nameserver infrastructure or reselling our data as part of a commercial service need to get a subscription.

Pricing information is available in the Self Service under the “Subscription” tab. If you create an account, you will automatically get a free 30 day subscription (which is not automatically turned into a paid subscription) to test the service.

How to use

There are two main options on how subscribers can access dnswl.org data: as downloads via rsync, or continue to use DNS queries.

The use of rsync download makes sense if a) the subscriber has the know how and resources to run a local nameserver using the rsync’ed files or b) if the use case requires a local copy of the file (eg for further analysis).

The access through DNS queries for subscribers is more straightforward as it does not require any infrastructure on the side of the subscriber.

rsync Download

Once you are registered and have a valid license, you can use the following command to list all the rsync’able files:

rsync rsync2.dnswl.org::dnswl

And one of the following (or a variation thereof) to download the files:

rbldnsd: rsync --times rsync2.dnswl.org::dnswl/rbldnsd-* /some/path/
Postfix: rsync --times rsync2.dnswl.org::dnswl/postfix-* /some/path/
BIND: rsync --times rsync2.dnswl.org::dnswl/bind-* /some/path/
generic: rsync --times rsync2.dnswl.org::dnswl/generic-* /some/path/
SpamAssassin: rsync --times rsync2.dnswl.org::dnswl/sa/* /some/path/

The –times is important to ensure that file modification dates are kept unchanged. Please note the different path pattern for the SpamAssassin-formatted files.

The IP addresses which you want to transfer from are specified in the “Subscription” tab of the Self Service. It takes a couple of minutes until IP addresses have been propagated to all of the rsync mirror servers. IP addresses are activated if a valid, paid subscription (or a free trial subscription) is found.

Since reputation and trust are built over time, dnswl.org data changes rather slowly (especially when compared to typical DNS blacklists). It is therefor usually sufficient to run rsync once or twice an hour. We ask you not to run your downloads at the full hour, but at a random minute within an hour.

DNS Queries for Subscribers

In order to use DNS queries, you simply add the IP addresses of the DNS resolvers which should be allowed to make these queries on the Self Service portal (“Subscription” tab). The same set of IPs is used to determine rsync and DNS query clients.