spambag.org - usage

spambag.org is currently being prepared for public use. There will be two ways to access the spambag.orglist.

DNS-based access

This is the traditional distribution method, via a DNS zone. The DNS zone is blacklist.spambag.org. It is suitable to be used as a typical E-mail filters, and most popular mail servers already have the ability to access DNS-based lists.

NOTE: Before using blacklist.spambag.org as a mail filter, think about it. Read the listing criteria. blacklist.spambag.org is not meant to be necessarily a list of spam sources, but a list of spam support service providers. It's very likely that non-junk mail from the listed networks will be caught. Suggestion: simply add a header tag instead of blocking the mail, that can be easily filtered on by the recipient; or provide the recipients with the means to opt themselves in or out of the mail filter.

NOTE: Be sure that your own IP addresses are explicitly whitelisted, in the event that your ISP ever makes the honors.

If you are handling a fair amount of mail, you will get much better performance if you were to set up a zone-transferred copy of the blacklist.spambag.org DNS zone. As of right now, zone transfers are available from ns0.courier-mta.com and rack0.amplex.net . If you would like, you can be added to the zone's NOTIFY list by contacting <spambag@spambag.org>

HTTP filtering

This is a rather novel way to distribute IP address ranges. I've been using spambag.org as an HTTP filter on several high-traffic web sites, with some success. Using Apache's mod_rewrite module, HTTP client requests from listed IP addresses are redirected to a static page explaining why they are blocked from accessing my web sites.

To use an HTTP filter, first download this simple script. You will need to customize it a little bit, according to your system configuration. The basic idea is to execute this script once or twice a day. The script checks if the spambag.org list has changed, if so the script downloads a mod_rewrite-compatible .htaccess script, which is signed by spambag.org's GnuPG key. If the signature is valid, the updated rewrite file is installed on your system.

Additional instructions can be found in the comments at the beginning of the sample script, which you can customize according to your system's configuration. Instead of redirecting listed traffic back to www.spambag.org you may - and are encouraged - to use your own explanation page. For example, if the script is customized is install the rewrite file as /etc/httpd/blacklist.conf, simply insert the following into Apache's httpd.conf file:

Include "/etc/httpd/blacklist.conf"
... and you're all set.

You will also need to add something at the end of the script that restarts your Apache processes so that the new configuration file can be reread. Please do not execute this script more than once or twice a day. By checking the serial number on the blacklist.spambag.org zone, the script is designed to minimize the network traffic, but every little bit helps. Note that you may experience problems downloading any updates if you are having problems with your DNS server.


spambag.org privacy policy http://www.spambag.org spambag.org FAQ