Can I use this tool against public mirrors of popular IP address DNSBLs?
Yes, but you should NOT do this.
Public mirrors are often offered for free service tiers. However, you should only use the “Comparison Tool” if you pay for the other service, have a local rsync copy of the zone you are testing, and have an API/Query key to make queries.
The tool generates many queries in quick succession, which can violate the terms of free public mirror services and is generally unfriendly.
Do you charge for this tool or the queries to Guardian Mail?
No, the “Comparison Tool” is designed for those running a trial of Guardian Mail.
Do not run the tool if you already have an Guardian Mail subscription. Running it will significantly increase your average query count, which can affect billing.
Can I use the tool to compare domain lists?
No, the “Comparison Tool” only supports IP lookups.
Each domain blocklist (e.g., SURBL, URIBL, etc.) works differently. Some lists include hostnames, while others have specific domain-stripping rules. This makes it difficult to accurately compare different domain lists.
Can I compare Guardian Mail with <Insert DNSBL here>?
The “Comparison Tool” is compatible with any IP address DNSBL that implements RFC 5782. To validate that the tool works, the DNSBL tested against must return a positive result for a lookup to 127.0.0.2.
Before running the comparison, the tool performs pre-flight checks to ensure that both lists are queryable and working. It returns an error if either list is not working correctly.
Please note that you should only use the comparison tool with a list that works similarly to Guardian Mail. The list should be a blocklist, and a positive result should indicate that the IP is blocked. Do not use reputational lists, where the return code denotes trust, or classification lists that classify IPs into segments or categories.
How many DNSBL queries will the tool make?
The “Comparison Tool” will generate between 3x, and 4x the number of DNS queries as IPs inputted.
For example: if you are using log file mode and you’ve followed the instructions above to create an input file containing “<occurrences>, <ip>” and you have 300k entries in that file, then the tool will make 600k DNS lookups
- Once for Guardian Mail for the “comparison” list
- Any positive result for either the Abusix list or another list will result in a lookup into the Guardian Mail Whitelist as well.
How much DNS concurrency does the tool use?
The “Comparison Tool” limits the number of running DNS queries to 50 at a time. This means that there will never be more than 50 queries in progress simultaneously.
Which DNS servers does the tool use?
The “Comparison Tool” uses the DNS servers configured on the host it runs on. Therefore, you need to ensure that the host is configured correctly and can resolve names in the namespace of the comparison list. This is especially important when running a comparison against an internal dataset served via rbldnsd. You must have the appropriate “glue” records and ACLs to allow the DNS servers configured on the host to query the list.
Does the tool report any data back to Abusix?
No.
Is the source code available for the tool?
No – not at this time.
You’re supplying the tool as a binary; what exactly does the binary contain?
The “Comparison Tool” is a NodeJS runtime with all necessary modules compiled into a single binary using the “nexe” module.
Learn more about the Comparison Tool
Back to the Overview of Guardian Mail
Send us a message
Having trouble with your set up or a technical issue? Get in touch with our team of Abusix experts.
Click the chat button at the bottom and send us your questions. Alternatively, you can email us at [email protected]
also, follow our LinkedIn Channel for updates & subscribe to our YouTube Channel for the latest Abusix how-to-videos.