View Single Post
  #3   (View Single Post)  
Old 14th January 2013
pablovalcarcel pablovalcarcel is offline
New User
 
Join Date: Jan 2013
Posts: 7
Default Questions about a blacklist ip checker script

A few days ago, I found in this forum a great and useful script to check from command line if some ip addreess it´s listed on some blacklists: daemonforums.org / showthread.php ? t=302.

The script itself describes how to perform manually this queries from a particular blacklist which procedure consists in:
* Reverse the address 125.175.43.40 to 40.43.175.125.
* Append the name of the blacklist.
* (Sample)For the 'zen.spamhaus' list, that results in '40.43.175.125.zen.spamhaus.org'
* Resolve the resulting name in DNS with a DNS tool
================================================== ========
Again the response is an address in the loopback <b>127.0.0.0/8 range</b>, meaning it has been listed.---> Is this a standard or rfc?

Why this happens in this way? All the blacklist dns servers add blacklisted ips with a ip in address range 127.0.0.0/8?

I have tested and I got a output like this:
2013-01-11_15:08:54_UTC 30.75.194.82.bl.csma.biz. 208.91.197.19

If I query blacklisted ip on a website (whatismyipaddress.com / blacklist-check) I get a question with that searcher.

Are blacklister servers using different ways to blacklist ip address?

If I get a ip different from 127.0.0.0/8, always will be listed?

Thanks in advance for your help.
Reply With Quote