thats a VERY nice addition, if I say so.

Personally I'm glad it's a plugin because that means I can delete it.

Here's the deal. Back in the day I used a dialup account. I tried to visit a web from a visitor to these forums. I got blocked because they used the dsbl thing, or more accurately a hack that made the dsbl thing part of their b2evolution blog. Apparently the IP my dialup service put me on is 'spammy' according to that service, which meant that I personally was deemed unacceptable to the person who visited these forums. NEVER will I allow a third party to decide who visits my web and who doesn't, so thanks for making it a plugin (that I can delete)!

lol, thats so true .. I even reme only a cpl weeks ago complianing about those sorts of services too (doh).

I think though that it would be nice to have something that checked JUST known proxy ips .. ya know?

My question was exactly about which lists should be used as default.

And anyway, by default the user can whitelist him/herself by clicking a button that stores it into his session. I'm not sure how easy it may get for the spammers to auto-whitelist themselves, but it's just one part of the whole Antispam thing.

blueyed wrote:

My question was exactly about which lists should be used as default.

My apologies! I should read before reacting I guess.

On my blog, I've been using the following DNSBLs (see [url=http://forums.b2evolution.net/viewtopic.php?p=23293#23293]BlockUntrustedVisitors[/url]):

• list.dsbl.org for IP only;

• opm.blitzed.org for IP only;

• bsb.empty.us for both IP and referrer domain.[/list:u](I wonder if sbl-xbl.spamhaus.org does not include opm.blitzed.org already.)

Those DNSBLs blocked most (all but a few ones) of my blog's referrer and trackback spammers. The issue with bsb.empty.us is that it's been down for a couple of days making DNS look up very long (until the timeout value is reached). To avoid it hangs your page display, it might be interesting to make the code use a low level sockets functions to perform the DNS look ups. In the general case, however, those DNS look ups don't exceed 10 ms each. With a caching system implemented, that might make those queries quicker. With new entries kept for 7 days or so, the full list of blacklisted IPs should not exceed a few hundreds entries on a very popular blog while whitelisted IPs depend of the blogs' traffic. To answer to the original question, I would recommend:

• xbl.spamhaus.org

• list.dsbl.org

• opm.blitzed.org (if not covered by xbl.spamhaus.org)[/list:u]as default activated DNSBLs and

[*]bsb.empty.us for both IP and referrer domain[/list:u]as default but deactivated DNSBL.

an idea for blacklists is y don't you have them auto-update?

So say the admin of the blog goes to backoffice.
If his list is older than 2 weeks, he will get a message asking does he want to update his blacklist?

If this is already done please ignore me.

balupton wrote:

an idea for blacklists is y don't you have them auto-update?
So say the admin of the blog goes to backoffice.
If his list is older than 2 weeks, he will get a message asking does he want to update his blacklist?

The idea of a DNSBL (Dynamic Name Server Black List) is to make possible easily query the DNSBL with a given IP and know if it has been blacklisted or not.

Those DNSBLs are external blacklists generally updated by large networks (ISPs, server hosting companies, etc.) So, you don't have to update the blacklist, since it is updated in real time by third parties. (Caching such a blacklist makes it generally quicker to query.) Some DNSBLs reference open proxies (often used by spammers and hackers to hide their original IPs) and known spamming IPs. They are mainly used to filter incoming e-mails, but can also be used for other usage. In this case, they would be used to filter incoming visitors to prevent (or at least reduce) referrer, comment and trackback spamming on your blogs.

Alrite well i was talking about how if you go into anti-spam in the backoffice there is an option to update that blacklist....

balupton wrote:

Alrite well i was talking about how if you go into anti-spam in the backoffice there is an option to update that blacklist...

There is no update option of a DNS blacklist, since it is updated by third parties elsewhere than in the backoffice.

[Request abuse update from centralized blacklist!]

From: blogroot/admin/antispam.php

You click that and it will update the blacklist....