DNSBL

Open Backdoor operates a DNSBL (Domain Name Service Blocklist) for use with E-Mail servers and IRC (Internet Relay Chat) networks. Since we operate both, we have our fair share of bad actors and would like to combat this. We operate this DNSBL to not only protect our own infrastructure, but to also provide back to the community. There are plenty of other DNSBLs out there, however their primary focus is on E-Mail spam. We source the IP addresses of bad actors from various sources such as IRC, E-Mail, SSH, firewall logs, failed web admin logins, etc. Also, unlike plenty of other DNSBLs, we utilize an anycast network for our nameservers. This makes our DNSBL more responsive and reliable. Please see below for instructions on how to implement our DNSBL into your specific software.

We strongly recommend you run a local caching recursor on your server(s) such as pdns-recursor (PowerDNS Recursor) or Unbound!

Request Removal

You can request removal by e-mailing gtaxl at gtaxl dot net. Form and lookup tool coming soon.

Partners

The following organizations partner with us to contribute to the Open Backdoor DNSBL.

CakeForceUK

Want to join? Please contact us at gtaxl at gtaxl dot net and we can give you an API key and scripts for your software.

IRC (Internet Relay Chat)

HOPM (Hybrid Open Proxy Monitor)

This is the successor to BOPM.
More info here.

blacklist {
    name = "bl.gtaxl.net";
    type = "A record reply";
    ban_unknown = no;
    reply {
        2 = "Listed. See TXT record for reason.";
    };
    kline = "gzline +*@%i 7d Your IP address is listed in the Open Backdoor DNSBL. Please see https://openbackdoor.com/dnsbl.html#faq for more info.";
};

UnrealIRCd

More info here.

blacklist OBD {
    dns {
        name bl.gtaxl.net;
        type record;
        reply { 2; };
    };
    action gzline;
    ban-time 7d;
    reason "Your IP address is listed in the Open Backdoor DNSBL. Please see https://openbackdoor.com/dnsbl.html#faq for more info.";
};

InspIRCd

TXT Reason support is in the works.
More info here.

<dnsbl
    name="OBD"
    domain="bl.gtaxl.net"
    type="record"
    records="2"
    action="zline"
    duration="7d"
    reason="Your IP address is listed in the Open Backdoor DNSBL. Please see https://openbackdoor.com/dnsbl.html#faq for more info.">

Anope

We recommend you do this on your IRCd instead.
More info here.

blacklist
    {
        name = "bl.gtaxl.net"
        time = 7d
        2 = "Listed. See TXT record for reason."
        reason = "Your IP address is listed in the Open Backdoor DNSBL. Please see https://openbackdoor.com/dnsbl.html#faq for more info."
    }

E-Mail

Postfix

main.cf More info here.

smtpd_recipient_restrictions =
    reject_invalid_hostname,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination,
    reject_rbl_client bl.gtaxl.net,
    check_policy_service unix:private/policy-spf

Frequently Asked Questions

What is a DNSBL?

DNSBL stands for Domain Name Service Blocklist. It is a blocklist that contains IP addresses participating in malicious activities. A DNSBL is widely used on E-Mail servers to prevent spam from known offenders. However, ours is designed for both E-Mail and IRC (Internet Relay Chat) servers. A DNSBL runs on DNS (Domain Name System), the same technology that powers domain names. Hence its name.

How does a DNSBL work?

It works a little something like this... blah blah still needs to be completed.

I tried to connect to an IRC network but it says I'm listed in your DNSBL. How do I resolve this?

You must appeal... no this section is not done yet. Sorry about that..