You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2008-02-15 9:20 pm
- cmptrwz
- Member
- Registered: 2008-02-15
- Posts: 3
DNS-Based Lookup, whole domain lookup
I noted two things about the APIs here:
1 - You need to do HTTP requests, which some servers may have disabled for security reasons
2 - You can't check for the number of hits a given email domain itself has gotten
I would be willing to help setup (and host, if needed) a DNS based blacklist type scenario for the IPs, usernames, and email addresses.
For example, the standard method of doing a DNS query against an IP is to reverse the quads and append the lookup address, while domains or usernames would merely have the lookup address appended to them. I am not sure how whole addresses would be checked, but I would probably recommend user.domain, aka replacing the @ with a . before appending the lookup address.
This could also have the benefit of caching, so that multiple hits from the same IP/domain/address/whatever get the result from a much closer DNS server.
The standard response code for "it is on the list", for the record, is an A record in the 127.x.x.x range. No A record returned would mean no entry exists.
Offline
#2 2008-02-17 10:27 pm
- Russ
- Guest
Re: DNS-Based Lookup, whole domain lookup
DNS is certainly the way to go. What do you need from me to help get it set up?
#3 2008-02-18 12:54 am
- cmptrwz
- Member
- Registered: 2008-02-15
- Posts: 3
Re: DNS-Based Lookup, whole domain lookup
That would vary. I would personally be using rbldnsd, so files compatible with that would be the best. If you don't want to generate them yourself then access to the database (only need read only) or a copy thereof would probably be the best option for me.
My recommendation would be to use the return value for a combination of two things:
127.0.x.y
Where x is an age indicator and y is a hit indicator.
For example on age:
0 - Last updated today
1 - Last updated in the past week
2 - Last updated in the past month
3 - Last updated more than a month ago
And on hit:
1 - 1 hit
2 - 2 or 3 hits
3 - 4 to 7 hits
4 - 8 to 15 hits
5 - 16 to 31 hits
6 - 32 to 63 hits
7 - 64 to 127 hits
etc.
if you aren't fully familiar with binary, that would be a range of 2^(#-1) through (2^#)-1, basically binary-defined ranges.
If written correctly there could be one single, combined file for multiple zones.
Aside from all of the above, if you want me to actually host the zones under your domain name then some DNS configuration will need to be done. If one of my domain names is ok with you then I will just do that instead.
Offline
#4 2008-03-30 3:19 am
- Russ
- Guest
Re: DNS-Based Lookup, whole domain lookup
I've seen similar RBLs done like that for email, but I don't have any experience setting one up. I do agree it would be useful. If you have the time and resources to create an RBL like this, it would certainly be appreciated. Thanks!
#5 2008-03-30 5:48 am
- cmptrwz
- Member
- Registered: 2008-02-15
- Posts: 3
Re: DNS-Based Lookup, whole domain lookup
Well, if you would like me to write the code to generate it from the database on your server I at least need to know the database layout to get started. The other details could be left to after the code itself is written.
Offline
Pages: 1