5 releases (3 breaking)
|0.5.1||Feb 24, 2023|
|0.5.0||Feb 20, 2023|
|0.4.0||Apr 25, 2021|
|0.3.0||Apr 18, 2021|
|0.2.0||Apr 13, 2021|
25 downloads per month
Looks up IP addresses and domain names in so-called "DNSRBLs". I say "so-called" because there's no real reason why they should be block lists.
This project takes significant inspiration (but no code) from https://github.com/logic/rblcheck. The biggest benefit over the original is IPv6 support, which is unfortunately lacking from most RBL tooling. We also support allow-lists, and if an IP or name is found in one of the allow-lists then we report not blocked.
$ dabl --help dabl 0.4.0 USAGE: dabl [FLAGS] [OPTIONS] <query> FLAGS: -h, --help Prints help information -q, --quiet Only output errors -V, --version Prints version information -v, --verbose Output debugging information OPTIONS: -a, --allow <allow>... A DNS allow list -b, --block <block>... A DNS block list ARGS: <query> An IP address (v4 or v6) or domain name
The Author uses
dabl to restrict access to his IMAP service using TCP Wrappers.
Regular DNSBLs aren't intended to restrict access to consumer-facing services; you probably don't want to block the "Dial-Up Address List", for example.
Spamhaus has a subscription list called "AuthBL" which contains IPs observed attempting credential stuffing.
I have no interest apart from being a very happy user of their free subscription.
Adding this line to
/etc/hosts.allow and enabling the relevant configuration in your service will let you query the lists of your choice.
imap, imaps: ALL: aclexec /usr/local/bin/dabl -a al.aylett.co.uk -b bl.aylett.co.uk -b YOUR_KEY_HERE.authbl.dq.spamhaus.net %a
Note that the Author's allow and block lists are not general-purpose, and you'll need a key for SpamHaus. Copy and paste at your own risk! If you want to run your own DNS allow- and block-lists, you may find rbldnsd to be useful.