1: HOWTO Query Karmasphere over DNS

Karmasphere is like Santa Claus: it knows if you've been naughty, and it knows if you've been nice.

Every feedset available through Karmasphere can respond with a thumbs up, a thumbs down, or a neutral verdict. (Actually, feedsets produce verdicts in the range -1000 through 0 to +1000. We convert anything above +300 to a DNSWL result, anything below -300 to a DNSBL result, and anything in between to neutral.)

This means that if you care about knowing whether Karmasphere gives a thumbs up as well as a thumbs down, you have to issue two DNS queries: one against the blacklist, and one against the whitelist.

If you only want to use Karmasphere for blacklisting, you can get away with doing just one query.

The alternatives to DNS are BQuery and XML/RPC (under development). With BQuery, you get your answer with one query, not two.

2: The DNSBL interface to Karmasphere

This is the easiest case. If your software already queries DNSBLs, you could be up and running with Karmasphere in minutes. Every Karmasphere feed and feedset can be queried over DNS: simply add the one you want to your list of DNSBLs.

The following documentation talks about feedsets, but individual feeds work the same way.

One of our most popular feedsets is “karmasphere.email-sender”. Its DNS zone is, therefore, karmasphere.email-sender.dnsbl.karmasphere.com.

As you know, to use a DNSBL, you have to reverse the IP address: if you're interested in 1.2.3.4, the query will contain 4.3.2.1.

If you issue a DNS query for 4.3.2.1.karmasphere.email-sender.dnsbl.karmasphere.com you will get back an IP address in the 127 range. Interpret it thusly:

127.0.0.2
  Feedset returns negative verdict, i.e. people think 1.2.3.4 is bad.

NXDOMAIN / NULL
  If no A response is returned, either:
  • the feedset you queried does not exist,
  • the feedset cannot handle that type of identifier,
  • the feedset has no opinion on 1.2.3.4, or
  • the feedset may even have liked 1.2.3.4.

To query domains, replace 4.3.2.1 with example.com. Note that domains do not have to be reversed.

3: The DNSWL interface to Karmasphere

DNS blacklists have been around for a long time, because people have long wanted to block spam from bad guys.

Nowadays, people also want to accept mail from good guys. That's where DNS whitelists come in.

If you issue a DNS query for 4.3.2.1.karmasphere.email-sender.dnswl.karmasphere.com you will get back an IP address in the 127 range. Interpret it thusly:

127.0.0.2
  Feedset returns positive verdict, i.e. people think 1.2.3.4 is good.

NXDOMAIN / NULL
  If no A response is returned, either:
  • the feedset you queried does not exist,
  • the feedset cannot handle that type of identifier,
  • the feedset has no opinion on 1.2.3.4, or
  • the feedset may even have disliked 1.2.3.4.

Important caveat: Most feedsets understand more than one identifier type, but due to the limitations of DNSBL-type query protocols, if you use the dnsbl or dnswl subdomains under karmasphere.com, you can only pass one identifier type to the query. This is important because normally, if you pass the Sender Reputations for Antispam feedset a domain name and an IP address, it will automatically SPF-validate the domain name, so that bad guys can’t spoof a whitelisted domain. But DNS query types don’t get SPF checking -- if you query a domain name, you have to authenticate that domain name yourself.
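
The two-query lookup described in sections 2 and 3, as an added Python example (not Karmasphere's own client code). The function names and the injectable resolve parameter are assumptions made for illustration, and only 127.0.0.2 is treated as a listing because that is the one answer documented above.

```python
import ipaddress
import socket

LISTED = "127.0.0.2"  # the answer the page documents for a listing
ZONES = {"dnsbl": "dnsbl.karmasphere.com", "dnswl": "dnswl.karmasphere.com"}

def query_name(identifier, feedset, kind):
    """Build the name to look up: IPv4 octets reversed, domains left as-is."""
    try:
        octets = str(ipaddress.IPv4Address(identifier)).split(".")
        label = ".".join(reversed(octets))
    except ipaddress.AddressValueError:
        label = identifier.rstrip(".").lower()
    return f"{label}.{feedset}.{ZONES[kind]}"

def system_resolver(name):
    """Return the A record as text, or None when no A response comes back.
    The stdlib call cannot tell NXDOMAIN from a lookup failure, so an
    outage looks the same as "not listed"."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def is_listed(identifier, feedset, kind, resolve=system_resolver):
    return resolve(query_name(identifier, feedset, kind)) == LISTED

def verdict(identifier, feedset, resolve=system_resolver):
    """Combine both zones. A domain passed here must already be
    authenticated by the caller: DNS queries get no SPF checking."""
    if is_listed(identifier, feedset, "dnsbl", resolve):
        return "bad"  # blacklist hit: the whitelist query is skipped
    if is_listed(identifier, feedset, "dnswl", resolve):
        return "good"
    # No A response from either zone: neutral, no opinion, unknown
    # feedset, or unsupported identifier type. DNS cannot say which.
    return "no verdict"

if __name__ == "__main__":
    feedset = "karmasphere.email-sender"
    # Constructed answers standing in for real DNS responses.
    fake = {query_name("1.2.3.4", feedset, "dnsbl"): LISTED,
            query_name("example.com", feedset, "dnswl"): LISTED}
    for ident in ("1.2.3.4", "example.com", "5.6.7.8"):
        print(ident, "->", verdict(ident, feedset, fake.get))
```

Because a resolver outage is indistinguishable from "not listed" here, a mail filter that relies on the blacklist result should monitor lookup failures separately rather than read silence as a clean sender.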