Query SpamCop Servers

SpamCop.net's sender blacklist service (and other blacklist services) are implemented via DNS. Basically if SpamCop validates an IP address as a SPAM source it creates a record for that IP address in the format of: 4.3.2.1.bl.spamcop.net where 1.2.3.4 is the address. This means all you have to do to determine if a host is listed is to query your DNS server for that name.

dig 4.3.2.1.bl.spamcop.net

If a match is found the result will return 127.0.0.2 (which is totally arbitrary). This simply shows that the IP address you specified is indeed a match. If a match is not found nothing is returned.

Alternately you can query the SURBL in a similar manner. The SURBL works by extracting the domains (links) in an email message and querying against those. Sometimes this is more effective because regardless of the sending IP address, you can determine a message's SPAMiness by the links it contains.

Query a SURBL by prepending the base domain onto sc.surbl.org and query that. Again if a result of 127.0.0.2 is returned it's a match.

dig domain.com.sc.surbl.org
Leave A Reply
All content licensed under the Creative Commons License