[GH-ISSUE #2] False Positives on Spamhaus and Uribl #1

Closed
opened 2026-02-28 12:08:57 +03:00 by kerem · 4 comments
Owner

Originally created by @Avalarion on GitHub (Jul 11, 2016).
Original GitHub issue: https://github.com/adionditsak/blacklist-check-unix-linux-utility/issues/2

It is not important what I am looking for with `bl`: I always get false positives on Spamhaus and all URIBL.

```
16-07-11_Jul:07:1468222701_+0200 A.B.C.D.dbl.spamhaus.org.      [blacklisted] (127.0.1.255)
16-07-11_Jul:07:1468222701_+0200 A.B.C.D.multi.surbl.org.       [not listed]
16-07-11_Jul:07:1468222701_+0200 A.B.C.D.uribl.swinog.ch.       [not listed]
16-07-11_Jul:07:1468222701_+0200 A.B.C.D.dob.sibl.support-intelligence.net.[not listed]
16-07-11_Jul:07:1468222701_+0200 A.B.C.D.black.uribl.com.       [blacklisted] (127.0.0.1)
16-07-11_Jul:07:1468222701_+0200 A.B.C.D.grey.uribl.com.        [blacklisted] (127.0.0.1)
16-07-11_Jul:07:1468222702_+0200 A.B.C.D.multi.uribl.com.       [blacklisted] (127.0.0.1)
16-07-11_Jul:07:1468222702_+0200 A.B.C.D.red.uribl.com.         [blacklisted] (127.0.0.1)
16-07-11_Jul:07:1468222702_+0200 A.B.C.D.uri.blacklist.woody.ch.[not listed]
16-07-11_Jul:07:1468222702_+0200 A.B.C.D.rhsbl.zapbl.net.       [not listed]
16-07-11_Jul:07:1468222702_+0200 A.B.C.D.hostkarma.junkemailfilter.com.[blacklisted] (127.0.0.5)
16-07-11_Jul:07:1468222702_+0200 A.B.C.D.reputation-domain.rbl.scrolloutf1.com.[not listed]
16-07-11_Jul:07:1468222703_+0200 A.B.C.D.reputation-ns.rbl.scrolloutf1.com.[not listed]
16-07-11_Jul:07:1468222703_+0200 A.B.C.D.nobl.junkemailfilter.com.[blacklisted] (127.0.0.5)
16-07-11_Jul:07:1468222704_+0200 A.B.C.D.iddb.isipp.com.        [not listed]
16-07-11_Jul:07:1468222704_+0200 A.B.C.D._vouch.dwl.spamhaus.org.[not listed]
16-07-11_Jul:07:1468222704_+0200 A.B.C.D.white.uribl.com.       [blacklisted] (127.0.0.1)
16-07-11_Jul:07:1468222704_+0200 A.B.C.D.list.anonwhois.net.    [not listed]
```

Example:

```
dig +short -t a 8.8.8.8.white.uribl.com.
127.0.0.1
```

Why should Google's DNS server be on that list? I tried out a good dozen IP addresses that should be whitelisted but are reported as listed.

  • google
  • 1and1
  • amazon
  • two of my servers who are not even using mails
  • my own mailserver ( 2 )
  • Mailservers of a friend
  • ...

And they all are reported by Spamhaus and URIBL.

Any idea how to fix this?

Greetings from Germany,

Bastian

kerem closed this issue 2026-02-28 12:08:58 +03:00

@Avalarion commented on GitHub (Jul 12, 2016):

Found one problem. UriBl is answering 127.0.0.1 if the query itself is blocked: http://uribl.com/about.shtml#implementation I am writing them now.


@Avalarion commented on GitHub (Jul 12, 2016):

Found the second problem:

> The DBL lists ONLY domains. Do not query the DBL for IP addresses.

Source: https://www.spamhaus.org/dbl/ right column.

So requesting A.B.C.D.dbl.spamhaus.org always results in a false positive.


@adionditsak commented on GitHub (Sep 26, 2016):

@Avalarion Sounds great Ava, can you do a pull request if you manage to resolve it? Cheers


@adionditsak commented on GitHub (Nov 4, 2018):

Using a new list with more reliable responses
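
The two causes found in this thread (URIBL answering 127.0.0.1 when the query itself is blocked, and the Spamhaus DBL being queried with an IP address) can both be caught by interpreting the answer rather than treating any A record as a listing. The sketch below is an added example, not code from the `bl` utility or from anyone in this thread; the function names `is_ipv4` and `classify`, the result strings and the sample rows are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: interpret a DNSBL answer instead of counting any A record as a hit.
# Runs offline: the answer is passed in, as `dig +short -t a <query>.<zone>.` would print it.

is_ipv4() {
  printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# classify <zone> <query> <answer>; an empty answer means NXDOMAIN.
classify() {
  c_zone=$1; c_query=$2; c_answer=$3
  if [ -z "$c_answer" ]; then
    echo "not listed"; return 0
  fi
  # Domain-only list: an IP lookup says nothing about the IP
  # (the report above shows 127.0.1.255 for A.B.C.D.dbl.spamhaus.org).
  if [ "$c_zone" = "dbl.spamhaus.org" ] && is_ipv4 "$c_query"; then
    echo "invalid query: domain-only list"; return 0
  fi
  # URIBL answers 127.0.0.1 when the query itself is blocked.
  case "$c_zone" in
    *.uribl.com)
      if [ "$c_answer" = "127.0.0.1" ]; then
        echo "query blocked by list operator"; return 0
      fi ;;
  esac
  case "$c_answer" in
    127.*) echo "listed ($c_answer)" ;;
    *)     echo "unexpected answer ($c_answer)" ;;  # e.g. a resolver rewriting NXDOMAIN
  esac
}

# Constructed sample input: zone, query, answer (blank = no record returned).
while read -r zone query answer; do
  printf '%-18s %-12s %s\n' "$zone" "$query" "$(classify "$zone" "$query" "$answer")"
done <<'EOF'
dbl.spamhaus.org 192.0.2.10 127.0.1.255
white.uribl.com 192.0.2.10 127.0.0.1
black.uribl.com example.com 127.0.0.2
multi.surbl.org 192.0.2.10
EOF
```
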
