Using proxyBL

proxyBL offers public access to its data in the form of a DNSBL.

Using the dnsbl.proxybl.org DNSBL

You may use the proxyBL DNSBL service free of charge for both commercial and non-commercial purposes. Some examples are listed below.

If you use the DNSBL, it is strongly recommended that you subscribe to the mailing list.

Performing a manual DNSBL lookup

  1. Take an IP address, for instance the test address 127.0.0.2, and reverse its octets, yielding 2.0.0.127.
  2. Append the DNSBL's domain name, resulting in: 2.0.0.127.dnsbl.proxybl.org.
  3. Look up this name in the DNS as a domain name ("A" record). This will return either an address, indicating that the IP is listed, or an NXDOMAIN ("No such domain") code, indicating that it is not.
  4. If the IP is listed there will be a "TXT" record for the same name with more information about the listing.

Looking up an address in a DNSBL is thus similar to looking it up in reverse-DNS. The differences are that a DNSBL lookup uses the "A" and "TXT" record types rather than a "PTR" record type, and uses a forward domain (such as dnsbl.proxybl.org above) rather than the special reverse domain in-addr.arpa.
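The lookup steps above as an added Python example (not proxyBL's own code): it builds the query name, performs the "A" lookup, and keeps "not listed" (NXDOMAIN) separate from resolver failures so that a DNS outage is never read as a verdict. The names dnsbl_name, check and the injectable resolve parameter are hypothetical, the meaning of reply code 2 is taken from the BOPM block on this page, the check that answers fall in 127.0.0.0/8 follows DNSBL convention, and the "TXT" lookup of step 4 is left out because the Python standard library has no TXT resolver.

```python
import ipaddress
import socket

ZONE = "dnsbl.proxybl.org"          # zone named on this page
REPLY_MEANING = {2: "Open proxy"}   # from the BOPM reply {} block on this page


def dnsbl_name(ip, zone=ZONE):
    """Steps 1-2: reverse the IPv4 octets and append the DNSBL zone."""
    addr = ipaddress.IPv4Address(ip)  # ValueError on anything but dotted-quad IPv4
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def check(ip, zone=ZONE, resolve=socket.gethostbyname):
    """Step 3: "A" lookup. Returns (status, detail).

    status is "listed", "not-listed" or "error". `resolve` is injectable
    (an assumption of this example) so the logic can run without a network.
    """
    name = dnsbl_name(ip, zone)
    try:
        answer = resolve(name)
    except socket.gaierror as exc:
        # EAI_NONAME is how the system resolver reports NXDOMAIN: not listed.
        if exc.errno == socket.EAI_NONAME:
            return ("not-listed", None)
        # Timeouts and server failures are not a verdict; report them
        # separately so the caller can choose to let the connection through.
        return ("error", str(exc))
    # DNSBL answers are conventionally inside 127.0.0.0/8. Anything else
    # (for example a resolver that rewrites NXDOMAIN) is not a listing.
    if ipaddress.IPv4Address(answer) not in ipaddress.IPv4Network("127.0.0.0/8"):
        return ("error", "unexpected answer " + answer)
    code = int(answer.rsplit(".", 1)[1])
    return ("listed", REPLY_MEANING.get(code, "code %d" % code))


if __name__ == "__main__":
    # 127.0.0.2 is the test address used in the steps above.
    print(dnsbl_name("127.0.0.2"), check("127.0.0.2"))
```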

charybdis 2.0 and later blacklist {}

An example:

blacklist {
        host = "dnsbl.proxybl.org";
        reject_reason = "Your host is listed in proxyBL. For more information, visit http://proxybl.org/lookup.do";
};

InspIRCd

If you are using the m_dnsbl.so module, you can add this line to your configuration:

<dnsbl name="proxyBL" domain="dnsbl.proxybl.org" action="ZLINE"
       reason="Your host is listed in proxyBL. Please visit http://proxybl.org/lookup.do?ip=%ip%"
       bitmask="253">

BOPM

BOPM can be configured to check proxyBL too.

blacklist {
    name = "dnsbl.proxybl.org";
    type = "A record reply";
    reply {
        2 = "Open proxy";
    };
    ban_unknown = no;
    kline = "PRIVMSG OperServ :akill add +3h *@%i Your host is listed in proxyBL. For more information, visit http://proxybl.org/lookup_branded.do?ip=%i&network=Network";
};

Postfix

You can use smtpd_recipient_restrictions to restrict access via proxyBL. This may prove advantageous in blocking spam that is sent through open proxies.

To do so, add to your smtpd_recipient_restrictions:

    reject_rbl_client dnsbl.proxybl.org

Sendmail

To restrict access via proxyBL you can add a DNS Blacklist to the macro configuration file. Add a dnsbl FEATURE line for the DNSBL in the section of the mc file that has other FEATURE lines:

FEATURE(`dnsbl',`dnsbl.proxybl.org')dnl

See DNSBL: Configuring Sendmail for DNS-Based Blacklisting for more information.

hosts.deny: Using proxyBL as a firewalling measure

It is possible to use proxyBL to help reduce attacks from inbound hosts by using this script and calling it from hosts.deny:

    sshd : 10.0.0.0/24, 127.0.0.1 : allow
    ALL : 192.168.0.0/32 : deny
    ALL EXCEPT httpd : ALL : aclexec /usr/local/bin/checkdnsbl %a

Thanks to DroneBL/rojo.