Blocking
It is not possible for DSBL to block or intercept mail. E-mail is sometimes blocked or bounced with a message referencing DSBL. These messages were not blocked by DSBL; they were blocked by the administrator of the ''receiving'' mail server, who chose to reject messages coming from a potentially-insecure IP address listed by DSBL. SeeMethodology
DSBL lists IP addresses of hosts that are demonstrated to be insecure. DSBL defines an insecure host as one that allows e-mail to be sent from anyone to anyone else. Normal servers only send mail from their own users to anyone else. Insecure servers are commonly abused by spammers, although DSBL does not claim that the hosts have sent spam or have been abused by spammers; only that they could be. DSBL builds its lists by receiving specially-formatted "listme" e-mails triggered by testers. DSBL itself does not test hosts for security vulnerabilities. The testers use software that causes insecure servers to send a message to an e-mail address monitored by DSBL. The message includes a time-sensitiveDelisting
For an IP address to be removed from DSBL's lists, the administrator of the IP address must demonstrate "accountability" by first requesting, and then responding, to a delisting message from DSBL. The message can only be sent to the postmaster or abuse desk of the listed IP address. The postmaster's e-mail domain is determined by consulting reverse DNS. Until this accountability test is passed, the host remains listed. Thus it is possible that some of the IP addresses listed by DSBL have been secured, but are still listed because the administrator has not demonstrated accountability by requesting and responding to a de-listing message. Because DSBL does not perform vulnerability tests, the only criterion for removal is this accountability test. It is entirely possible that hosts that are delisted are still vulnerable to abuse. If this is the case, it is expected that the host will be relisted by a tester the next time it is abused. The problem with the delisting process is that dynamic dial-up IP-addresses which make it to the list will never be delisted since delisting would require to run an SMTP-server in the temporary dial-up IP. Another problem is that they require the SMTP server to be running behind a router that allows packets marked with the ECN bits. This may require an upgrade to the newest router software before the accountability email can be received.Automated system and credibility
DSBL is a largely automated system. The delisting process, in particular, is an automated self-service web page. Manual processes are not used to remove an IP address from the list, except in rare cases where a bug in DSBL's software prevented a delisting. DSBL's operators believe that manual delisting processes would undermine the list's credibility.Lists
DSBL operated three lists: * unconfirmed.dsbl.org: The unconfirmed list contains IP addresses of hosts that have delivered listme messages triggered by anonymous or untrusted testers. DSBL does not recommend using this list as part of a blocking system. * list.dsbl.org: The trusted list contains IP addresses of hosts that have delivered listme messages triggered by trusted testers. * multihop.dsbl.org: The multihop list contains IP addresses of hosts that deliver mail for insecure servers. The servers in this list may appear to be secure, but can be abused by spammers because they trust other servers that are insecure. This category sometimes includes the mail servers of largeExternal links