In computer networking, the Composite Blocking List (CBL) is a DNS-based Blackhole List

DNSBL

A DNSBL is a list of IP addresses published through the Internet Domain Name Service either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time...

 of suspected E-mail spam

E-mail spam

Email spam, also known as junk email or unsolicited bulk email , is a subset of spam that involves nearly identical messages sent to numerous recipients by email. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. One subset of UBE is UCE...

 sending computer infections.

The CBL takes its source data from very large spamtraps/mail infrastructures, and only lists IP

IP address

An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...

s exhibiting characteristics such as:

• Open proxies of various sorts (HTTP, socks, AnalogX, wingate etc)
• Worms
  Computer worm
  A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach...
  
  /viruses
  Computer virus
  A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability...
  
  /botnets
  Botnet
  A botnet is a collection of compromised computers connected to the Internet. Termed "bots," they are generally used for malicious purposes. When a computer becomes compromised, it becomes a part of a botnet...
  
   that do their own direct mail transmission, or are otherwise participating in a botnet.
• Trojan horse
  Trojan horse (computing)
  A Trojan horse, or Trojan, is software that appears to perform a desirable function for the user prior to run or install, but steals information or harms the system. The term is derived from the Trojan Horse story in Greek mythology.-Malware:A destructive program that masquerades as a benign...
  
   or "stealth" spamware.

The CBL attempts to avoid listing real mail servers, but certain misconfigurations of mail servers can make the system appear infected (for example, servers that send HELO with 'localhost' or a similar incorrect domain.)

Entries automatically expire after a period of time.

The CBL does not provide public access to gathered evidence.

CBL data are used in Spamhaus

The Spamhaus Project

The Spamhaus Project is an international organisation to track e-mail spammers and spam-related activity. It is named for the anti-spam jargon term coined by Linford, spamhaus, a pseudo-German expression for an ISP or other firm which spams or willingly provides service to spammers.-Spamhaus...

 XBL list.

See also

• Comparison of DNS blacklists
  Comparison of DNS blacklists
  The following table lists technical information for a number of DNS blacklists.- External links :* , weekly reports since July 2001* * * * * *...
  
  
• CBL Index
  CBL Index
  The CBL Index is a ratio between the number of IP addresses in a given IP subnet tothe number of CBL listings in the subnet...
  
  - estimate of outgoing spam reputation

External links

• The CBL
• CBL lookup and removal page