Subscribe to RSS News Feed
About Spamhaus  |  Press Office  |  FAQs   

Spamhaus DNSBL return codes: technical update

2019-09-30 17:29:19 UTC   |   by Chris Thompson   |   Category:  dnsbl, return codes
Recent News Articles

Spamhaus Botnet Threat Update: Q3-2019

Spamhaus DNSBL return codes: technical update

Enable badness and the stats will speak for themselves

MTA developers: allow use of domain DNSBLs at the SMTP level

Spamhaus Botnet Threat Update: Q2-2019

Spamhaus Botnet Threat Update: Q1-2019

Emotet adds a further layer of camouflage

Block 99.4% of spam using only Spamhaus’s blocklists and SpamAssassin


Older News Articles:
Spamhaus News INDEX

Spamhaus' primary data sets are published in DNS zones known as DNSBLs. Users of that data ask the zone a question (a "query") and the zone provides a response - a return code - in the form of an IPv4 IP address within a designated range (RFC1918 internal network). The meaning of each of those particular IP responses may carry additional information to the querier. We post those return code values in our DNSBL Usage FAQ.


A new range containing return codes (127.255.255.0/24) has been added to return possible errors related to the DNSBL queries themselves, which should NOT be interpreted as any sort of reputation related to the data being queried. While it will be quite uncommon for most Spamhaus users to encounter these codes, it is vitally important that software developers implement all return codes correctly, and not treat these error codes as any sort of reputation or "listed" values. The first two new error codes, and links to pages further explaining their meaning, are:


Return Code Zone Description
127.255.255.254 Any Query via public/open resolver
127.255.255.255 Any Excessive number of queries


Anyone that encounters either of those return codes should recognize that their queries are receiving error responses. Those responses must not be interpreted as advisories of Spamhaus reputation data regarding the object which was queried. Accordingly, any software which queries a Spamhaus DNSBL must distinguish between valid reputational responses and those error code responses. Any software which does not distinguish response codes from Spamhaus DNSBLs is, unfortunately, already out of date and may not be reliable in these or other cases. A common result of not correctly parsing DNSBL return codes is either treating all responses as either "LISTED," or treating them all as "NOT LISTED," and that means either all mail is treated by the indiscriminate software as "spam," or all mail is treated as "not spam." Neither result is desirable.

Failure to correctly parse these return codes will render the query results meaningless and detrimental for the querier!

These two return codes apply only to Spamhaus Project publicly queried zone mirrors. Clients of Spamhaus Technology DQS or rsync services will never encounter these return codes.



Spamhaus Information

Press Office
Spamhaus News Index
Spamhaus in the media
About Spamhaus
Spamhaus Official Statements
Article Information

Permanent link to this news article:
Spamhaus DNSBL return codes: technical update
http://www.spamhaus.org/news/article/788/spamhaus-dnsbl-return-codes-technical-update

Subscribe to RSS News Feed
Spamhaus News Quotes

Permission to quote from or reproduce Spamhaus News articles is granted automatically providing you state the source as Spamhaus and link to the news record.
© 1998-2019 The Spamhaus Project SLU. All rights reserved.
Legal  |  Privacy