This article applies as of PRTG 22


Is there a list of blacklist servers available that I can use with the IP on DNS Blacklist sensor?


IP address on DNS blacklist servers

By default, the IP on DNS Blacklist sensor checks some default blacklist servers. You can add additional servers as a comma-separated list. See the links below for more servers.


Use with care


With each scanning interval, the IP on DNS Blacklist sensor queries all servers that you entered in the sensor settings. In our tests, 50 blacklist servers with a 5-minute scanning interval worked fine. Values in your network may vary, depending on the connection speed and availability of servers.

We recommend that you do not enter more than 10 servers to make sure that the sensor can complete the check within its scanning interval.

If you use too many blacklist servers, the sensor shows this error message:

Your request has timed out. Depending on the sensor type you use, the reason might be that the sensor could not connect to the target host or that a PowerShell command takes too long to execute. For more information, see https://kb.paessler.com/en/topic/71899 or https://kb.paessler.com/en/topic/37633. (code: PE018)

List of blacklist servers

  • access.redhawk.org
  • all.s5h.net
  • b.barracudacentral.org
  • bl.blocklist.de
  • bl.mailspike.org
  • bl.score.senderscore.com
  • bl.spamcop.net
  • bl.spameatingmonkey.net
  • cidr.bl.mcafee.com
  • db.wpbl.info
  • dnsbl-1.uceprotect.net
  • dnsbl-2.uceprotect.net
  • dnsbl-3.uceprotect.net
  • dnsbl.dronebl.org
  • dnsbl.justspam.org
  • dnsbl.kempt.net
  • dnsbl.sorbs.net
  • ips.backscatterer.org
  • ix.dnsbl.manitu.net
  • korea.services.net
  • mail-abuse.blacklist.jippg.org
  • psbl.surriel.com
  • spam.dnsbl.sorbs.net
  • spam.pedantic.org
  • spamsources.fabel.dk
  • tor.dan.me.uk
  • truncate.gbudb.net
  • ubl.unsubscore.com


Note: As of PRTG 15.2.17, the IP on DNS Blacklist sensor follows RFC 5782, where IPv4-based DNSxLs (blacklists and whitelists) must contain an entry for 127.0.0.2 for testing purposes. In previous versions, the sensor did not check this, which provided a false sense of security when using nonexisting (or no longer existing) DNS blacklist servers that always report that the IP address is not listed.

Many of the servers on that external list are now generating errors as per the note above. This is the edited list of servers from http://dnsbllookup.com/ which currently work ok with PRTG.

access.redhawk.org,all.s5h.net,

all.spamrats.com,

b.barracudacentral.org,

bl.blocklist.de,

bl.mailspike.org,

bl.score.senderscore.com,

bl.spamcop.net,

bl.spameatingmonkey.net,

cidr.bl.mcafee.com,

db.wpbl.info,

dnsbl-1.uceprotect.net,

dnsbl-2.uceprotect.net,

dnsbl-.uceprotect.net,

dnsbl.dronebl.org,

dnsbl.justspam.org,

dnsbl.kempt.net,

dnsbl.sorbs.net,

ips.backscatterer.org,

ix.dnsbl.manitu.net,

korea.services.net,

mailabuse.blacklist.jippg.org,

psbl.surriel.com,

spam.dnsbl.sorbs.net,

spam.pedantic.org,

spamsources.fabel.dk,

tor.dan.me.uk,

truncate.gbudb.net,

ubl.unsubscore.co


Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.