Skip to content

The Composite Blocking List

Summary

Status: Active
Terms: Free
Zones: 1
Website: cbl.abuseat.org
Removal: cbl.abuseat.org/lookup.cgi
Lookup: cbl.abuseat.org/lookup.cgi

Background

The CBL, otherwise known as The Composite Blocking List is a DNS based blacklist similar to the majority of other DNS based blacklists. The CBL does not list URL’s or URI’s, and like other DNSBL’s lists large quantities of IP addresses. Current averages of number of IP addresses in the CBL are approximately 5 million. The CBL can be used as a scoring based blacklist, or as a immediate block blacklist, where the message is dropped early on in the SMTP conversation. Administrators of the CBL recommend that it be used as an immediate block type of blacklist, and are available at all times for support via email. However, they do recommend you first use the tools on their website to try to solve any problems you may have on your own.

Listing criteria

The CBL receives its data from large spamtraps. The only IP addresses that are listed are those that have characteristics defined as open proxies. Some such characteristics are open proxies, HTTP Proxies, SOCKS Proxies, WinGate, AnalogX and dedicated custom spambots. Efforts are also taken to include email address harvesting machines, and well as machines that have been seen performing dictionary attacks. The only IP’s that are listed are those that have actively made a connection to one of the CBL listing machines. The CBL does not actively scan other machines looking for IP addresses to list.

Further, The CBL does not list open relays. It is important to understand the distinction of an open relay, and an open proxy. An open relay is a misconfigured email server that allows anonymous SMTP sending of third part email through a remote system. The CBL makes no effort to list such servers. An open proxy is generally a web server that will allow email sending to piggy back on a script that sends email. The CBL will notice and block such systems.

There are more reasons The CBL will not list and IP address than reasons that it will list an IP address. The CBL primarily exists to list infected and compromised machines. They do not list dynamic IP address space, ranges of IP addresses, known IP addresses owned by spammers, and certainly do not take suggestions for listings. As a result, it is not possible for the data in THE CBL to ever become compromised. Only CBL identified IP addresses that have been seen contacting CBL equipment, and noticed to be infected or compromised are ever listed.

Zones

cbl.abuseat.org

The primary DNS zone for The CBL is cbl.abuseat.org. You can perform a lookup against it in the same way you would lookup against any other DNSBL, where a positive listing will return 127.0.0.2. The CBL is also available for download in full, via rsync, to members. Membership is free.

One unique aspect of The CBL is that they discourage you from querying them directly. The CBL either asks that you rsync their zone, or, though a cooperative with Spamhaus, perform your lookups there. A complete and full copy of cbl.abuseat.org is maintained by Spamhaus at zen.spamhaus.org.

Removal Process

Removal from The CBL is simple; go to The CBL IP address lookup page and request that your IP address be removed. If your IP address is listed, the returned result will have instructions that explain in some detail, why you were listed, and how to go about removal. In most cases, to be delisted, you will need to secure your machine, and ask The CBL system to test your IP address again through The CBL IP address lookup page.

The CBL intentionally discloses as little information as possible about their processes in an effort to keep spammers in the dark. That which spammers do not know, can not be used in an attempt to circumvent The CBL systems.

Related Articles

Related Articles

All
  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking
  • Online Privacy
  • Online Safety
2020 Privacy, Safety, Cybersecurity Podcasts

Top 20 Cybersecurity Podcasts You Should Listen to in 2020

We’ve seen Twittersphere explode with bite-sized information security (InfoSec) news over the past few years and we’ve…

[Read More]
Managing Credit Cards

Alert! Managing Credit Cards Should be Your Focus.

Managing credit cards is the key to good credit. It's more important than low rates and credit...

[Read More]
Data Breach

Data Breaches: Why You Need to Use a Data Breach Check Tool

Using a data breach check tool is the best way to find out if you have accounts...

[Read More]

Psychopaths and Self-Protection with Mike Mandel

Most of us would not consider ourselves to be an easy target for a predator. But we…

[Read More]

Privacy by Design with Nishant Bhajaria

Data privacy has often been an after-thought in software and platform development. Data breaches have increased consumer…

[Read More]

Surviving a Romance Scam with Debby Montgomery Johnson

Many are resigned to stay silent about the pain of being scammed, but today’s guest helps empower…

[Read More]