[SURBL-Discuss] Lookup web page not showing blacklisted urls?

SURBL Role surbl.role at gmail.com
Wed Jun 3 11:16:49 CEST 2009


On 6/3/09, Emanuele Balla <skull at spin.it> wrote:

> Any idea about why this happens only with older rbldnsd versions?

They may produce slightly different results by default.  For example,
future versions of rbldnsds may have long answers turned off by
default.  Or it may not be an issue.

>  I'd expect this to happen based only on geographic location of the SURBL
>  mirror (does the query pass through the great firewall or not?), not on
>  the software version...
>
>  Couldn't be "they" just "improved" the DNS hijacking stuff in order to
>  have replies to subdomain queries (flickr.com.multi.surbl.org) managed
>  the same way of 2nd level queries (flickr.com), in oder to -say- block
>  mirrors and proxies too, so we're observing this issue just now?

The paper talks about DNS modification based on substring matching.
That was in 2007.  Not sure why it would start applying now.  Could be
proxies, or maybe someone is trying to bypass China's DNS firewall by
offering a DNS service like:

  twitter.com.bypassthegreatwall.com

which resolves to the real IP for twitter.com

Jeff C.


More information about the Discuss mailing list