dnsbl

Spamhaus just announced that they’ve “reinvigorated” the ASN-DROP list, now available in JSON format. The point of this whole thing is for network operators (think ISPs and similar) to just totally block off any potential connections with really bad networks that are spewing nothing but spam, phish and other garbage.In theory this should not impact your typical marketing sender, but it’s good all of us to be aware of what this is. They’re blocking, in some cases, some bad guys who would happily take threats to a phyiscal level with Spamhaus people, given the chance. If the bad guys can’t route their bad stuff, they can’t rip people off, and they don’t make as much (ill gotten) money. That’s why Spamhaus folks are sometimes cagey about full names and locations, in case you’re wondering — not because they’re worried about how a Fortune 500 retailer might react to an SBL

A friend warned me of a scenario that could have the potential to freak people out, if misunderstood. It looks like this:This person is using Spamhaus to filter inbound mail.They seem to be rejecting mail from Gmail due to a Spamhaus listing.The Spamhaus website DOES suggest there might be an SBL entry (a blocklisting) for Gmail.So…Spamhaus is blocking Gmail? NO, no no. Gmail is not blocklisted by Spamhaus. Promise. Here’s what’s actually happening.Using Spamhaus is good, but querying Spamhaus using open/public DNS resolvers is bad. Spamhaus is actually rejecting those queries — they’re not blocking mail from Gmail. The person running into this problem needs to switch over to using the Spamhaus DQS (Data Query Service), and that ought to just flat out fix things.As noted above, the rejections are actually because the email administrator of the mailbox provider or mail server in question has configured Spamhaus in a way