Arblcheck is a software tool that verifies if names or IPs belong to DNS blocklists. Its primary purpose is to detect if a domain is listed on any blacklist preventing legitimate email communications, and to assist in removing it from said lists.
One of the most useful DNS-based email blocklists is the Open Relay Database (ORDB), which lists the IP addresses of computers known to be open relays. Rejecting mail from these servers reduces spam load and also creates an incentive for open relay owners to secure their computers. Other lists of varying utility and rates of adoption exist, but we'll only cover how to query a list, not evaluate it here.
DNS blocklists invariably use DNS as their lookup mechanism. The IP address is converted into a domain name, and this name is used in a standard DNS name lookup. These lookups are always based on the IP address of the sender, not any part of the email envelope. For instance, to perform an ORDB lookup of the mailserver located at 63.203.17.35 involves a DNS query of 35.17.203.63.relays.ordb.org, looking for an A (address) resource record. If there is no such record, then IP address is not "on the list," and the connection should be accepted. Note that the four octets of the IP address are reversed, such as in the in-addr.arpa mechanism.
DNS blocklists have been around long enough to have "history," and some original lists have disappeared for one reason or another. This means that queries to defunct lists return "no such domain," which is the same as "not on the list." However, this behavior means queries to non-existent lists, or lists whose names have been misspelled, are not reported as errors. Consequently, incorrect queries could stick around for a long time, giving an inappropriate sense of confidence in the non-spam-ness of incoming connections, as well as wasting resources on pointless questions.
Fortunately, a de facto standard exists for verifying whether a DNSBL is valid, which involves making a query for the IP address 127.0.0.2. This should always return an "it's on the list" value and can be used to verify if a particular DNSBL is functioning or not.
The latest version of arblcheck includes an updated DNSbl list, which now includes SPEWS.
Version 1.4.2: N/A