In 2003, a number of DNSBLs came under denial-of-service attacks (DOS).
Since no party has admitted to these attacks nor been discovered responsible, their purpose is a matter of speculation.
The term "blackhole" refers to a networking black hole, an expression for a link on a network that drops incoming traffic instead of forwarding it normally.
The intent of the RBL was that sites using it would refuse traffic from sites which supported spam — whether by actively sending spam, or in other ways.
Technical specifications for DNSBLs came relatively late in RFC5782.
A Uniform Resource Identifier (URI) DNSBL is a DNSBL that lists the domain names and sometimes also IP addresses which are found in the "clickable" links contained in the body of spams, but generally not found inside legitimate messages.
URI DNSBLs were created when it was determined that much spam made it past spam filters during that short time frame between the first use of a spam-sending IP address and the point where that sending IP address was first listed on major sending-IP-based DNSBLs.
Unlike other URIBLs, the DBL only lists domain names, not IP addresses, since Spamhaus provides other lists of IP addresses.It is possible to serve a DNSBL using any general-purpose DNS server software.However this is typically inefficient for zones containing large numbers of addresses, particularly DNSBLs which list entire Classless Inter-Domain Routing netblocks.A Domain Name System-based Blackhole List (DNSBL) or Real-time Blackhole List (RBL) is an effort to stop email spamming.It is a "blacklist" of locations on the Internet reputed to send email spam.Soon after the advent of the RBL, others started developing their own lists with different policies.One of the first was Alan Brown's Open Relay Behavior-modification System (ORBS).However, many observers believe the attacks are perpetrated by spammers in order to interfere with the DNSBLs' operation or hound them into shutting down.In August 2003, the firm Osirusoft, an operator of several DNSBLs including one based on the SPEWS data set, shut down its lists after suffering weeks of near-continuous attack.RHSBLs are of debatable effectiveness since many spams either use forged "from" addresses or use "from" addresses containing popular freemail domain names, such as @gmail.com, @yahoo.com, or @URI DNSBLs are more widely used than RHSBLs, are very effective, and are used by the majority of spam filters.To operate a DNSBL requires three things: a domain to host it under, a nameserver for that domain, and a list of addresses to publish.