Testing DNSBLs

ml-it-argus at epigenomics.com ml-it-argus at epigenomics.com
Tue Aug 14 10:32:40 EDT 2007


Hi!

Has anyone created a test to check if a specific IP is in a DNS based
black list?

It could be done with a DNS based test but you want the test to fail if
the entry is found and not if the entry is not found, i.e. Argus should
complain when the IP address is listed.

I guess that could be done with something like

        Service UDP/DNS {
                zone:   2.0.0.127.ix.dnsbl.manitu.net
                class:  IN
                query:  A
                test:   answer
                nexpect:        127.0.0.2
        }

but is there a more "elegant" way for multiple DNSBLs?

We want to keep an eye on the IP addresses of our mail servers and if
they are listed in the various black lists.

Greetings
-- 
Robert Sander                     Senior Manager Information Systems
Epigenomics AG    Kleine Praesidentenstr. 1    10178 Berlin, Germany
phone:+49-30-24345-0                            fax:+49-30-24345-555
http://www.epigenomics.com             robert.sander at epigenomics.com


More information about the Arguslist mailing list