Policy

Principle

There is no legal entitlement for anyone to be included in the list or to exclude a certain entity from the list. It will be at the editors sole discretion when and how to list, modify or delist IP addresses or entities.

The only exception is that the rightful owner of an IP address (range), as identified through IP-based whois or any other reasonably verifiable data source, can request to be excluded from the list.

IP address “owner”

Due to the nature of the dnswl.org data, only entities controlling their own IP address(es) can be listed. “Ownership” over IP addresses must be reasonably verified (eg through whois or forward/reverse DNS lookups). If it can be shown that an IP address in “foreign” IP space is dedicated to the entity (eg an outsourced mailserver), this counts as “controlling their own IP address”. Of course, dynamically assigned individual IP addresses can not be listed.

Listing Criteria

The following criteria will be applied to listing entities on dnswl.org:

  • It can be reasonably believed or it is known that the “owner” of an IP address or IP range handles abuse coming from it’s own network in a responsible, responsive and timely manner.
  • The network (IP address range) is duly and correctly registered in whois (ie does not contain bogus, anonymized or obviously outdated information).
  • New entries are checked against public and private sources in order to detect past (spam-) problems for a given domain and/or IP address(es).
  • The level of control that can be exercised by the network owner over it’s users determines the “trustworthiness” level that is returned for a given network. Networks with public users are assigned a lower level, while networks with administrative close control over their users and systems can be assigned a higher level.
  • Single IP addresses are added by default; address ranges are only added if a large part of this range is actually used for outgoing SMTP traffic. Address ranges are assigned a lower score than individual addresses.
  • Networks are assigned to the best matching category in order to allow users of dnswl.org to selectively whitelist certain categories.

The fact that an IP address is listed on some blocklist is not sufficient justification for a listing at dnswl.org. On the contrary, IP addresses currently and/or repeatedly listed on blocklists will usually be denied. Exceptions are possible if reasonable justification can be provided. Misconfigurations (open relays etc) are not considered reasonable justification.

Delisting Criteria

The goal of dnswl.org is to avoid false positives. In order to achieve this goal, users of dnswl.org data accept the occasional spam or other form of abuse coming from a whitelisted network.

However, a listing in dnswl.org is no “get out of jail” card. Continued abuse with no reasonable action will get a network removed from dnswl.org. The following criteria and escalations will be applied where reasonable:

  • Considerable number of reports in the news.admin.net-abuse.sightings newsgroup or other public sources.
  • Non-public information (eg notification by e-mail)
  • A Spamhaus SBL listing.
  • Support for spam and other operations (including, but not limited to DNS- and webhosting).

List categories

The list of categories is subject to change. It will always be adapted to identify categories of senders with common characteristics. Categories will not be deleted, but they may become empty over time.

Listing Data

A listing in dnswl.org usually consists of the following:

  • A domain name* identifying the controlling entity (ie company, project, individual, …).
  • A category* assigned to the domain name which most closely describes the nature of the controlling entity (eg specific industry, governments, individuals etc).
  • One or more IP addresses or ranges of IP addresses*, assigned with a “trustworthiness” level.
  • Source of the data*
  • Contact information, if provided.
  • Comments and notes for internal use (eg special considerations, “see also” etc)

* indicates data that is published through DNS etc.

Note

If anything in this policy does not fit with your own local policy, you should not use dnswl.org for whitelisting or similar purposes.