This article applies to:
- Trustwave SEG
- URLCensor
- Using Google DNS or OpenDNS
- Using service provider DNS
Problem:
- URLCensor lookups are returning false positives, even for domains that are on the safe list ("whitelist") maintained by URIBL.com
- URLCensor triggers inconsistently
Information:
URIBL.com implements volume-based limitations on lookups. When you use a public DNS service like Google Public DNS, the allowed number of lookups is exceeded because many other organizations are attempting to use the service through the public DNS service.
Resolution:
To use URIBL.com, you should use your own Internet facing DNS servers.
You can also try using your service provider's DNS, but it might also be blocked based on volume.
URIBL.com also provides a paid datafeed service for high volume users.
Notes:
- For more information see the URIBL.com DNS Query Refused page.
- A response of 127.0.0.1 from URIBL.com indicates "query refused". Default URLCensor category script files do not trigger on this response due to use of the "expect" parameter in Category Script files. For full details of allowed parameters, see the SEG Anti-Spam Advanced document available from the SEG documentation page.