What is a DNSBL?


Domain Name System Blacklists, also known as DNSBLs or DNS Blacklists, are spam blocking lists that allow a website administrator to block messages from specific systems that have a history of sending spam. As their name implies, the lists are based on the Internet's Domain Name System, which converts complicated, numerical IP addresses such as 140.239.191.10 into domain names like example.net, making the lists much easier to read, use, and search. If the maintainer of a DNS Blacklist has in the past received spam of any kind from a specific domain name, that server would be "blacklisted" and all messages sent from it would be either flagged or rejected by all sites that use that specific list.

DNS Blacklists have a rather long history in web terms, with the first one being created in 1997. Called the RBL, its purpose was to block spam email and to educate Internet service providers and other websites about spam and its related problems. Although modern DNS Blacklists are rarely used as educational tools, their function as an email blocker and filter still serves as their primary purpose to this day. In fact, almost all of today's email servers support at least one DNSBL in order to reduce the amount of junk mail that clients using their service receive. The three basic components that make up a DNS Blacklist - a domain name to host it under, a server to host that domain, and a list of addresses to publish to the list - also haven't changed from the time when the RBL was first created to today.

Since then, dozens of different DNSBLs have sprung up and are available for use, and each has its own list that is populated based on its own standards and criteria for what a spammer is. Because of this, DNS Blacklists can vary greatly from one to the other. Some are stricter than others; some only list sites for a set amount of time from the date the last piece of spam was received by the maintainer, while others are manually maintained; and still others block not only IP addresses but also entire ISPs known to harbor spammers. This results in some lists working better than others because they are maintained by services with a greater level of trustworthiness and credibility than competing lists might have. Users can also use these differences to decide which DNS Blacklist works best for them depending on what their specific security needs are. More lenient lists might allow more spam to get through, but might not block non-spam messages that have been misidentified on lists that have stricter guidelines for what goes on or what is left off. To help facilitate this, DNS Blacklists that are intended for use by the public will usually have a specific, published policy detailing what a listing means, and must adhere to the criteria laid out in it in order to not only attain public confidence in their services, but to sustain it as well.
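The following added example (not code from the original page) shows how a mail server could consult several lists and turn the answers into the "flagged or rejected" outcome described above, rejecting only on a list it trusts to be conservative. It uses the conventional DNSBL lookup format from RFC 5782 (reversed address labels under the list's domain, with an answer in 127.0.0.0/8 meaning "listed"); the zone names, the policy, and the published records are hypothetical, constructed sample data.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Build the lookup name: reversed address labels + the list's domain."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]            # 192.0.2.99 -> 99.2.0.192
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]  # IPv6: reversed nibbles
    return ".".join(labels) + "." + zone

def system_resolver(name):
    """Return the A record for name, or None when the name does not resolve."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None

def is_listed(ip, zone, resolve=system_resolver):
    """Listed only if the answer is in 127.0.0.0/8; anything else is ignored."""
    answer = resolve(dnsbl_query_name(ip, zone))
    if answer is None:
        return False
    return ipaddress.ip_address(answer) in ipaddress.ip_network("127.0.0.0/8")

def decide(ip, policy, resolve=system_resolver):
    """policy maps each list's zone to 'reject' or 'flag'; the strongest hit wins."""
    hits = [zone for zone in policy if is_listed(ip, zone, resolve)]
    if any(policy[zone] == "reject" for zone in hits):
        return "reject", hits
    return ("flag" if hits else "accept"), hits

# Constructed sample data: two hypothetical lists and the records they publish.
SAMPLE_RECORDS = {
    "99.2.0.192.strict.dnsbl.example": "127.0.0.2",
    "99.2.0.192.lenient.dnsbl.example": "127.0.0.2",
    "7.100.51.198.strict.dnsbl.example": "127.0.0.2",
}
# Reject on the lenient list (fewer false positives), only flag on the strict one.
SAMPLE_POLICY = {"lenient.dnsbl.example": "reject", "strict.dnsbl.example": "flag"}

def sample_resolver(name):
    """Offline stand-in for DNS that answers from SAMPLE_RECORDS."""
    return SAMPLE_RECORDS.get(name)

if __name__ == "__main__":
    for ip in ("192.0.2.99", "198.51.100.7", "203.0.113.5"):
        print(ip, decide(ip, SAMPLE_POLICY, sample_resolver))
```

Passing `system_resolver` instead of `sample_resolver` sends the same queries to real DNS; a resolver that rewrites failed lookups to a non-loopback address is treated as "not listed" by the 127.0.0.0/8 check.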