Page 1 of 1

Add optional access keys to blacklists.

Posted: 2009-12-07 14:09
by ^DooM^
90% of blacklists do not use access keys as they are free but there are some that do and currently there is no way to use these in hMail.

abcdefghijkl.2.1.9.127.dnsbl.httpbl.org
[Access Key][Octet-Reversed IP][List-Specific Domain]

I would like to see hMail have the ability to use these blacklists as well.

See this url for more details

http://www.projecthoneypot.org/httpbl_api.php

Also not sure if hMails return code values would be able to handle what is returned by honeypot as it is quite granular.

Code: Select all

Query: abcdefghijkl.2.1.9.127.dnsbl.httpbl.org
Response: 127.3.5.1

1) 127 : standard unchanged response
2) 3   : days since last seen.
3) 5   : threat rating 0 - low 255 - high
4) 1   : behaviour of type "search engine," "suspicious," "harvester," and "comment spammer." or multiples thereof using a bitset. More details @ link
Cheers!

Re: Add optional access keys to blacklists.

Posted: 2010-01-20 19:12
by sheffters
How good is the project honeypot blacklist?

I've had spam traps for years for them, but never got round to setting up the blacklist on a mail server.

S.

Re: Add optional access keys to blacklists.

Posted: 2010-01-20 19:39
by ^DooM^
I use it on my website, It's excellent. hMail can't use it though due to access key being required and that the codes returned are quite specific however with the new changes being added to DNS return result that's no longer an issue, just the access key.

Re: Add optional access keys to blacklists.

Posted: 2010-06-24 09:47
by ensarija
Just Bumping topic.
I did same request here, not knowing this exists.

Re: Add optional access keys to blacklists.

Posted: 2010-06-24 12:14
by dzekas
Users should contact their RBL service provider and ask to follow standard RBL address usage procedures.

Standard tools will work, if service provider uses [Octet-Reversed IP][Access Key][List-Specific Domain]. hMailServer might implement [Access Key][Octet-Reversed IP][List-Specific Domain] and then some smarta.. provider will invent other customer verification scheme and users will ask to support other "DNS/RBL authentication" method.