Home

Our Services

	About
	Advertising
	Bespoke Software
	Contact Us
	Hosting Services
	Security Consulting
	Terms
	Web Solutions

Members

	BBcode FAQ
	Downloads
	Forums
	Forum FAQ
	Forum Rules
	Groups
	Your Account

Site News

	Forum News
	Stories Archive
	Topics

Tools

	Button Maker
	Domain Registration
	HTTP Return Codes
	Google PR
	MD5 Encrytion Tool
	Search
	Secure Your Email
	Web Links

Manual's

	Memory Terms
	Hex Colour Codes
	PEAR Manual
	phpBB 2.0 D.A.L.
	phpNuke How To
	Web Development

Guides

	Google Guide
	Online Advertising
	Yahoo Guide

Sentinel

We have caught 5848 shameful hackers.

NukeSentinel(tm)

Paypal Referral

Link Exchange

Join our free link exchange

Click Here

Distributed Server Boycott List

Online Advertising

Distributed Server Boycott List

From Wikipedia the free encyclopedia, by MultiMedia

Home | Up

The Distributed Server Boycott List is a DNSBL that lists IP addresses of insecure hosts. DSBL can be used by server administrators to tag or block e-mail messages that come from insecure servers, often spam.

The DSBL publishes its lists as DNS zones that can be queried by anyone on the Internet.

Blocking

It is not possible for DSBL to block or intercept mail. E-mail is sometimes blocked or bounced with a message referencing DSBL. These messages were not blocked by DSBL; they were blocked by the administrator of the receiving mail server, who chose to reject messages coming from a potentially-insecure IP address listed by DSBL. See DNSBL for a description of how mail transfer agents interact with these lists.

Methodology

DSBL lists IP addresses of hosts that are demonstrated to be insecure. DSBL defines an insecure host as one that allows e-mail to be sent from anyone to anyone else (normal servers only send mail from their own users to anyone else). These types of servers are commonly abused by spammers, although DSBL does not claim that the hosts have sent spam or have been abused by spammers; only that they could be.

DSBL builds its lists by receiving specially-formatted "listme" e-mails triggered by independent outside testers. DSBL itself does not test hosts for security vulnerabilities. The independent testers use software that causes insecure servers to send a message to an e-mail address monitored by DSBL. The message includes a time-sensitive cryptographically secure cookie to prevent servers from being listed by mistake. When a valid listme message is received DSBL adds the IP address of the server that delivered the message to one of its lists.

For these messages to reach DSBL the insecure server must have allowed anyone (a DSBL independent tester) to send mail to anyone (DSBL's monitored address). This proof-of-vulnerability is kept on file at DSBL's web site.

In addition to open mail relays, DSBL lists hosts that were vulnerable to abuse due to formmail bugs, open proxies, and other problems. Because the independent testers can use any available method to trigger the listme messages, they can adapt to newly-discovered vulnerabilities as spammers do.

The independent testers normally perform tests on hosts that have sent spam to them. Thus many of the IP addresses listed by DSBL are the addresses of servers that have been abused by spammers.

De-listing

For an IP address to be removed from DSBL's lists, the administrator of the IP address must demonstrate "accountability" by first requesting, and then responding, to a de-listing message from DSBL. The message can only be sent to the postmaster or abuse desk of the listed IP address. The postmaster's e-mail domain is determined by consulting reverse DNS.

Until this accountability test is passed, the host remains listed. Thus it is possible that some of the IP addresses listed by DSBL have been secured, but are still listed because the administrator has not demonstrated accountability by requesting and responding to a de-listing message.

Because DSBL does not perform vulnerability tests, the only criterion for removal is this accountability test. It is entirely possible that hosts that are de-listed are still vulnerable to abuse. If this is the case, it is expected that the host will be re-listed by an independent tester the next time it is abused.

Automated system and credibility

DSBL is a largely automated system. The de-listing process, in particular, is an automated self-service web page.

Manual processes are not used to remove an IP address from the list, except in rare cases where a bug in DSBL's software prevented a de-listing. DSBL's operators believe that manual de-listing processes would undermine the list's credibility.

Lists

DSBL currently operates three lists:

unconfirmed.dsbl.org: The unconfirmed list contains IP addresses of hosts that have delivered listme messages triggered by anonymous or untrusted testers. DSBL does not recommend using this list as part of a blocking system.

list.dsbl.org: The trusted list contains IP addresses of hosts that have delivered listme messages triggered by trusted independent testers.

multihop.dsbl.org: The multihop list contains IP addresses of hosts that deliver mail for insecure servers. The servers in this list may appear to be secure, but can be abused by spammers because they trust other servers that are insecure. This category sometimes includes the mail servers of large ISPs, and DSBL recommends using this list as part of a message scoring system, not as a blocking list.

External links

Home | Up

Online Advertising, made by MultiMedia | Free content and software

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

You can syndicate our News with backend.php

And our Forums with rss.php

You can also access our feeds via Feedburner Site News and LD Software Forums
© 2009 ld-software.co.uk All Rights Reserved.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.16 Seconds