The DNS Black List

Status: Active

The goal of the black list is to catch and react to new hosts used for spamming purposes as quickly as possible. Via an automated process, hosts are listed within minutes of the first time they are caught sending or relaying spam, and they are removed from the list a day later. Any further offenses by the same host will cause it to be listed again, but for a longer period of time for each subsequent offense. As a result, the DNSBL lists a fairly small number of hosts at any given time. Although the back-end database contains all the hosts that have ever been listed, the subset visible via DNS consists of only the hosts that are currently active spam sources or relays.

Listing Policy

Any known-spam message detected by the mail servers will cause the sending host to be listed immediately. Messages are identified by the way in which they are sent and the addresses to which they are sent, not by their content. In this way, no message will be misidentified as spam simply because it matches some criteria for spam-like content. The list does not target any particular spammers or any particular spam messages. The most commonly identified spam messages are those that are sent to one of several email addresses that have never existed in the history of the Internet, and yet which, for some unknown reason, each receive dozens of spam messages a day.

Offending hosts are delisted fairly quickly, with the “penalty” time determined by the number of times this particular host has relayed or originated spam in the past. This way, transient spammers are listed for a short time, and will be delisted once the problem is corrected. Persistent spammers will be listed for a longer time, and will presumably sooner or later show up in many of the larger lists of known open relays or spam sources.