Michael Scheidell schrieb:
> Wasn't there a standard at one time, return something different (test) if
> you queries 2.0.0.127.{dnsblacklist}? If it returned (at least) '127.0.0.2'
> and a list of other valid bitflags. that meant that the dnsbl was up and
> running? Anything else and it wasn't?
See https://datatracker.ietf.org/drafts/draft-irtf-asrg-dnsbl/, esp. at
the end of chapter 5:
The combination of a test address that MUST exist and an address that
MUST NOT exist allows a client system to defend against DNSxLs which
deliberately or by accident install a wildcard that returns an A
record for all queries. DNSxL clients SHOULD periodically check
appropriate test entries to ensure that the DNSxLs they are using are
still operating.
-- Matthias
