DNSBL (domain name system blackhole lists) use 'databases' to determine,
whether the senders IP or domain name is a 'well known source' of
Main advantage for the user (that's you!) is, that accessing these
databases is quite fast and reliable. There is no need to set up 'message
rules' or anaylze the message, just simply query the database.
The disadvantage are the various 'policies' of listing spam the
DNSBL-list owners follow. These policies can be more or less strict,
some are very conservative in listing, some are more aggressive. The
aggressive ones might raise the number of false positives ,
the conservatives might let spam slip through Disruptor OL.
As a general solution I suggest not to delete spam
but create a spam folder and let Disruptor OL move the messages into
it. And then simply do a visual check every week and delete them after
To see what DNSBL caused the listing as spam, use the 'Check DNSBLs'
progressive cache handling
The default cache strategie is to save hits and misses for two
days. This is a good compromise in speed and error (if a 'good' ip
turns bad or vice versa).
Disadvantage is that the 'long term well known' spam sender IPs
fade out of the cache with the same speed like the rare ones (that
might be only abused for a short term due to a security hole).
Disruptor OL uses a progressive cache: rare and often spam-IP numbers
don't expire the same speed anymore.
The expire time for frequent spam IPs is set to
ex = ( ln(CacheAdds)+1 ) * default hit cache expire
"CacheAdds" means the number of times the IP was added
to the hit cache.
Non-spam-IPs always expire the same speed. Progressive data expires
after 365 days.
At the top you see all IPs Disruptor OL has found in the message,
to the left you see all known DNSBLs. The green ones are currently
active. Doubleclick onto a row to turn on/off the activation and don't
forget to press 'OK' to save the results.
The red one is a DNSBL that seems to be not working (or it does
not give the valid answer back when the 'are you alive?'-test is done).
This is not a real problem, it does not lead to false positives .
But it might slow down the fetching of results, if this DNSBL is active.
Read more about DNSBLs
List of All Known DNS-based Spam Databases