Network Management, Inc. Blog
test ignore me
The original email reputation management system began with the Realtime Blackhole List (RBL). The very first RBL was developed in 1997 by Paul Vixie for the . Referring to a network link that drops rather than forwards incoming traffic, Vixie intended the “blackhole” in this case to drop email traffic from sites that directly sent or enabled spam. The original RBL consisted of a list of suspect sites transmitted to subscribing systems administrators over Border Gateway Protocol (BGP). Subscribers could then apply the list to block TCP/IP traffic from those sites. While RBL reputations presented a significant step forward in managing spam, it also presented inherent challenges. MAPS meticulously worked to verify sites for accuracy before publishing them to the list. While this helped reduce false positives, it also significantly delayed subscribers’ ability to respond to attacks quickly. Over time, MAPS developed RBL clients that integrated with email software to enable administrators to customize their own RBL to reject incoming email on a per-server basis. The MAPS RBL laid the groundwork for the development of the DNS-based Blackhole List (DNSBL) format. The Domain Name System (DNS) Internet service translates domain names/ hostnames to IP addresses (forward DNS) and IP addresses to their associated domain names/hostnames (reverse DNS) with the help of a DNS server. Rather than being simply a discreet list, a DNSBL added multiple standards for dynamically listing and delisting IP addresses. DNSBL service providers could then distribute updated lists via the Internet Domain Name Service () using a standardized format. Early developers of DNSBLs added such criteria as whether a sending mail server used potentially exploitable open relays or proxies, or whether a mail server sent spam to a “honey pot” system designed to attract and gather spam for identification and analysis. Today, there are dozens of DNSBL services available and most email servers can query these services to verify the reputations of IP addresses. However, these services apply different standards for adding, removing or retaining IP addresses on their lists. Subsequently, some service lists may not contain potentially dangerous IP addresses, or erroneously include valid ones.