Click here to sign up for the Spam Resource newsletter

An open letter to DNSStuff

Dear DNSStuff,

You call your site “the center of the DNS universe” and position yourselves as experts on DNS, but it's time for me to question the DNSBL data and advice you hand out.

On multiple occasions, you've portrayed blacklisting issues as significant by returning blacklist results for certain DNSBLs, even though those lists don't drive any significant blocking issues (or don't block any spam) because they're dead or severely broken.

I've been around the block long enough to know that not every blacklist hit means there's an issue you need to worry about. Some lists have been dead for many months, and others list half the earth. In both of those instances, they're not really blacklists any more as much as historical artifacts waiting to be shut down and carted away.

If DNSStuff is going to continue to provide a widely used blacklist lookup tool, it's time to refine that tool so that it's actively maintained, and change the process so that DNSBL experts are actually involved in its upkeep. I'm not angling for a job here; I've already got one. But clearly, this section of your website needs more direct and active oversight, including involvement from people with significant DNSBL expertise.

Why? Well, let's start with a recap of how that whole APEWS restriction/ transition was handled by DNSStuff.

I contacted Kristina O'Connell, DNSStuff's VP of Marketing, on August 18, 2007. In that email I explained to her how because DNSStuff is incorrectly telling the whole entire world that it is listed on APEWS. UCEProtect had revoked its hosting of the APEWS zones five days previous and subsequently decided to replace the zone with a wildcard entry, to nudge sites to stop using the zone. As this is how DNSStuff was checking APEWS, it was returning data that was scaring email administrators unnecessarily.

She forwarded that email to Kevin Hutchins from DNSStuff support, who responded to me two days later, on August 20, 2007. Kevin explained that DNSStuff is already aware of the issue, and that they had to ask UCEProtect to put in a special text entry to “buy [DNSStuff] some time” to update their DNSBL tool and that they hoped to fix the problem sometime that week. He also went on at length about their responsibility to not judge a list and how they should continue to show all public DNSBLs, to provide a full picture of the space.

All fine and good – except that's not only what they're doing. They're also showing broken lists (APEWS) and dead lists (SPEWS). Leaving them in place produces a myriad of false positives, especially in the case of the UCEProtect APEWS zone.

Kevin also indicated that I was definitely not the only person to raise this issue to them recently.

This has been resolved – finally. I don't know exactly when, but they do seem to be querying APEWS directly now. It was only broken for days.

But wait – maybe it's not all fine and good. APEWS has blacklisted the IP address of DNSStuff's web server. Why? Does DNSStuff send spam? Or is APEWS an overly aggressive, broken list that shouldn't be relied upon?

And then there is SPEWS. Just the other day, I ran across this thread on the DNSStuff Discussion Boards, a paying DNSStuff user points out how the SPEWS blacklist has been dead for more than a year. He's right: It's dead and gone. The website still sits there, and who knows, maybe it could come back someday. But for now, it's frozen and not usable. The SPEWS data files are empty.

Kevin's answer in this thread is that they'll consider adding another asterisk of “not to be used.” As opposed to “doesn't exist,” or removing it because it no longer exists. In my opinion, that's not good enough. It doesn't stop the poor souls, who are not DNS experts, from thinking they have an issue, from running around asking for help, trying to solve an issue that doesn't actually exist.

As a long-time participant in various usenet newsgroups relating to spam fighting, I'm one of a multitude of first hand observers who've watched as system administrators come to these newsgroups begging for assistance. Why? Not because they saw a piece of mail being blocked; not because they've got a reject message in hand linking them to a specific DNSBL, but because they put their IP address into a webform on and were informed that they were blacklisted, because DNSStuff told them that they were.

For DNSStuff to continue to show SPEWS in lookup results is laughable. It's the exact opposite of expertise. Please, fix it. Please, bring actual DNSBL experts in to help you build a better tool.

I know you read my site – as you've reached out to me, looking for my help in the past. So I know you'll see this letter. I hope you'll heed this wakeup call.

Al Iverson and


Comments policy: Al is always right. Kidding, mostly. Be polite, please and thank you.

  1. Thank you! I've done some free look ups on DNSStuff and I have noticed how they show alerts for BL's that are no longer active.

  2. I am wondering if you ever heard back from them. I am a customer of theirs and they have ignored all attempts to resolve a technical matter with my account

  3. I did. Arik Keller, DNSStuff's COO, played bi-polar with me in email for a while, shortly after I posted this. It started with a complaint from them about employee names being used in my blog post, then we went through a stage where he called me a big meany, then tried to get Spamhaus and I together on a phone call for a big group hug, then tried to explain to me how blacklists work and how some die out. (Yeah, I know. Duh.) I think at some point in there he was trying to see what I would do for them or seeing if this was me angling for a job or something.

    Oh, then he forwarded me a link where a blacklist operator took issue with my methodology, and he asked me if I ever responded. Yeah, I did, I told him. Then I asked him if he ever responded to two or three other issues that I know anti-spammers had raised to him, issue with long-dead BLs and abusive querying of different community resources. (To the point where I know DNSStuff was blocked by that specific community resource provider.) He didn't detail for me how they responded to those. It was just more grist for the mill that they can dish it out, but not take it.

    If you are a paying customer of theirs, my recommendation would be to let it go, forget about 'em, and find a better set of online tools out there.

  4. It's interesting...Dnsstuff went to the dark side (commercial) and now charge for their services, but their information is inaccurrate. Way to go Dnsstuff, you're following the Microsoft business model (Vista): built it, market it, and they'll buy it - who cares if it doesn't work!

Previous Post Next Post