Composite Blocking List Explained

In computer networking, the Composite Blocking List (CBL) is a DNS-based Blackhole List of suspected E-mail spam sending computer infections.

Overview

The CBL takes its source data from very large spamtraps/mail infrastructures, and only lists IPs exhibiting characteristics such as:

• Open proxies of various sorts (HTTP, socks, AnalogX, wingate etc.)
• Worms/viruses/botnets that do their own direct mail transmission, or are otherwise participating in a botnet.
• Trojan horse or "stealth" spamware.

The CBL attempts to avoid listing real mail servers, but certain misconfigurations of mail servers can make the system appear infected (for example, servers that send HELO with 'localhost' or a similar incorrect domain.)

Entries automatically expire after a period of time.

The CBL does not provide public access to gathered evidence.

CBL data are used in Spamhaus XBL list.

See also

• CBL Index — estimate of outgoing spam reputation

External links

• The CBL
• CBL lookup and removal page