This is an initial proof of concept that will allow you to inject RBL lookups via an MRF for dynamic blocking of spam/abuse hosts.
Needs a some refactoring to optimize logic flow and possibly utilize a cachex to shortcut DNS lookups, but it does work in this state.
DNSRBL is a well tested method for email anti-spam. It uses a specialized DNS server for this purpose that only operates on UDP and can handle many more queries per second than BIND or other full featured nameservers.
If we build an anti-spam solution around this technology we will have to curate a publicly sourced list of spammers as well as host the database file for users to sync from so they can have their own local copy of the database and are not sending the RBL queries over the internet.
===
RBL logic is usually something like:
- no answer, or 127.0.0.1 == OK
- anything else is a positive entry with a classification: e.g., 127.0.0.2 might be an open relay, 127.0.0.3 might be malicious actors
- a description for why it is in the database can be retrieved via the corresponding TXT record
Info on how to run your own RBL server will be provided.