Author: D.Daster (26 Aug 10 9:31am)
I´ve come across a rather annoying snag when trying to use the DNSBL.
I don´t know if this is a bug, or if its some set of circumstances.
The issue is that a lot of comment spam comes from IPs that are listed on the website, but do not return on the DNSBL.
Take, for example,
They´re both comment spammers, have threat ratings of 25, and 24, respectively. They´re both active within a week, seen more than once. Unfortunately, they both also do not return in the DNSBL.
For me this is going on for some time, particularly 220.127.116.11, which has been comment spamming me for at least a month.
There are quite a number of other IPs listed, but not automatically blockable because of this problem. There are also a lot of IPs which are handled fine by the DNSBL.
Perhaps a pattern i´ve noticed is that i´ve never seen the DNSBL return a type of 4, i´ve only seen it return when it is ALSO suspicious. This seems strange though, if it is labeled a comment spammer, should it not also be suspicious?
I guess what i´m trying to figure out is why some IPs which are obviously malicious, do not end up in the DNSBL.