Skip to content
Advertisement

How do you access the public Spamhaus DBL service?

The Spamhaus DBL is intended to be used to find domains that have poor reputations of sending spam. According to their documentation you should be able to test that it is working by looking up the host or dig response for 'dbltest.com.dbl.spamhaus.org' and it should respond with 'dbltest.com.dbl.spamhaus.org IN A 127.0.1.2'. However this is what I get:

print_r(`host dbltest.com.dbl.spamhaus.org`);
// Results in:
// Host dbltest.com.dbl.spamhaus.org not found: 3(NXDOMAIN)

// AND
print_r(`dig dbltest.com.dbl.spamhaus.org`);
// Results in:
//; <<>> DiG 9.10.3-P4-Ubuntu <<>> dbltest.com.dbl.spamhaus.org
//;; global options: +cmd
//;; Got answer:
//;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18973
//;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
//
//;; OPT PSEUDOSECTION:
//; EDNS: version: 0, flags:; udp: 512
//;; QUESTION SECTION:
//;dbltest.com.dbl.spamhaus.org.  IN      A
//
//;; AUTHORITY SECTION:
//dbl.spamhaus.org.       5       IN      SOA     need.to.know.only. hostmaster.spamhaus.org. 2010142352 //3600 600 432000 10
//
//;; Query time: 37 msec
//;; SERVER: 8.8.8.8#53(8.8.8.8)
//;; WHEN: Wed Oct 14 17:54:12 MDT 2020
//;; MSG SIZE  rcvd: 121

The host results look exactly like what Spamhaus says the response should be if the domain is not listed in the DBL. And the dig results seem mostly useless in this context unless I’m just missing something. Neither are correct. I’ve also tested suggested solutions from github, but none of the proposed options (or any reasonable combination of the suggestions that I can think of) produce viable results either.

I’m starting to think that Spamhaus may have shutdown the public side of this service, but I’m hoping that I’m wrong.

Advertisement

Answer

The problem is that you’re using Google Public DNS. It’s explained in this FAQ

If you are using a free “open DNS resolver” service such as the Google Public DNS (8.8.8.8) in most cases they will return a “not listed” (NXDOMAIN) reply from Spamhaus’ public DNSBL servers.

  • We recommend using your own DNS servers when doing DNSBL queries to Spamhaus. If this is not possible, contact us for other options.

I get the correct response when using the Comcast DNS servers. Try using your own ISP’s nameservers instead of Google.

User contributions licensed under: CC BY-SA
1 People found this is helpful
Advertisement