zoonderkins / blahdns

A small hobby ads block dns project with doh, dot, dnscrypt support.
https://blahdns.com
GNU Affero General Public License v3.0

BlahDNS filterlist is outdated and whitelist some domains #133

Closed obeho closed 3 years ago

obeho commented 4 years ago

Hi,

I've seen your post about filterlists, and the blahdns's blacklist {Please update this}.

But what combination of blacklists is used in BlahDNS? You must have some sources, right?

zoonderkins commented 4 years ago

Sorry about that. Recently I'm still with my work.

obeho commented 4 years ago

👍 It'd be better to automate the list updation imo.

> what combination of blacklists is used in BlahDNS?

You still haven't answered my question.

zoonderkins commented 4 years ago

Those links listed on my blog are used on working + personal computer with uBlockOrigin + Adguard mac ios android (https://adguard.com/en/adguard-mac/overview.html)

BlahDNS blacklist source: https://github.com/ookangzheng/blahdns/blob/master/hosts/source.txt

obeho commented 4 years ago

> Those links listed on my blog are used on working + personal computer with uBlockOrigin + Adguard mac ios android

👍 got it

> BlahDNS blacklist source: https://github.com/ookangzheng/blahdns/blob/master/hosts/source.txt

Thanks.

> It'd be better to automate the list updation imo.

I was referring to this list. Users should have real-time access to the current domain blocklist that's being used at the servers, which is not the case currently.

`# Last updated: May 25 00:33:10 UTC 2020`

Also, how often is the blocklist in use at the servers updated from these individual sources?

zoonderkins commented 4 years ago

The list for adblock_hosts or rpz has been updated. Usually, those lists will sync in between 24 ~ 48 hours.

  1. https://oooo.b-cdn.net/blahdns/adfilter_rpz.txt
  2. https://oooo.b-cdn.net/blahdns/adfilter_hosts.txt

obeho commented 4 years ago

So, these lists are called every 24~48 hrs for any updates?

https://raw.githubusercontent.com/scafroglia93/hosts-blocklists/master/cert-pa.txt
https://raw.githubusercontent.com/scafroglia93/hosts-blocklists/master/yoroi.txt
https://raw.githubusercontent.com/nextdns/cname-cloaking-blocklist/master/domains
https://raw.githubusercontent.com/VeleSila/yhosts/master/hosts
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt
https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/android-tracking.txt
https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt
https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt
https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Hosts/GoodbyeAds.txt
https://raw.githubusercontent.com/jawz101/MobileAdTrackers/master/hosts
https://raw.githubusercontent.com/Yhonay/antipopads/master/hosts
https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt
https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt
http://theantisocialengineer.com/AntiSocial_Blacklist_Community_V1.txt
https://hblock.molinero.dev/hosts
https://gitlab.com/ookangzheng/dbl-oisd-nl/raw/master/dbl.txt
https://hosts.nfz.moe/full/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://raw.githubusercontent.com/cchevy/macedonian-pi-hole-blocklist/master/hosts.txt
https://raw.githubusercontent.com/banbendalao/ADgk/master/ADgk.txt
https://kriskintel.com/ktip_corona.txt
https://raw.githubusercontent.com/scafroglia93/blocklists/master/blocklists-main.txt
https://raw.githubusercontent.com/cchevy/macedonian-pi-hole-blocklist/master/hosts.txt
https://raw.githubusercontent.com/neodevpro/neodevhost/master/lite_adblocker
https://280blocker.net/files/280blocker_domain.txt

zoonderkins commented 4 years ago

Yes, but still I will continue to tweak those blacklists.

obeho commented 4 years ago

👍 I saw you are adding and deleting lists.

Btw, this list you are maintaining by mirroring from the original dbl-oisd-nl, how often does it call the original list for updates?

zoonderkins commented 4 years ago

It depends on the oisd.nl author. He will call my endpoint, and I will start to crawl the latest version.

obeho commented 4 years ago

Oh 😮. That's interesting. Why would he call your endpoint? Is there a dependency?

zoonderkins commented 4 years ago

Just a trigger. Cuz I don't know when he will update those lists. Therefore, he gonna trigger my endpoint [API] (notice me). Then I will start to crawl all lists and upload them to Github / Gitlab.

obeho commented 4 years ago

That's cool. I just wish all blocklists out there do the same. Thanks

> start to crawl all lists

manually?

zoonderkins commented 4 years ago

Nope, they are separate.

obeho commented 4 years ago

> Nope, they are separate.

Oh, so you automate it?

perf.hsforms.com domain is in the blocklist. Is this the reason why I was unable to open their site? Due to CNAME?

zoonderkins commented 4 years ago

https://forms.hsforms.com/ is not in blahdns

obeho commented 4 years ago

Yes, this site https://forms.hsforms.com/ isn't in blahdns's blocklist. Actually it redirects to https://developers.hubspot.com/.

When I open https://developers.hubspot.com/ it works fine. But when I open https://forms.hsforms.com/ it's not getting redirected, both on my mobile and on my PC. See the below pic from DNS app on my mobile. I think perf.hsforms.com domain is critical for that redirect.

Due to this, domains like https://share.hsforms.com/1N6aQgP9bQq2SmRziqOqMTw16gmf aren't getting loaded. This site is just like google forms. And many other domains which contain hsforms.com in the name also aren't getting loaded.

[Screenshot]

zoonderkins commented 4 years ago

Whitelisted hsforms.com

obeho commented 4 years ago

Thanks.

Google's CAPTCHA won't work if www.recaptcha.net is blocked. Please whitelist it.

zoonderkins commented 4 years ago

www.recaptcha.net fixed.

obeho commented 4 years ago

Thanks. Which list was it from? It doesn't deserve to be on BlahDNS's blocklist. It's as if blocking google.com.

zoonderkins commented 4 years ago

It does not block google.com though, maybe misconfigured www.recaptcha.net.

Found on this: https://raw.githubusercontent.com/Goooler/1024_hosts/master/hosts

obeho commented 4 years ago

But this Goooler's list isn't even used in BlahDNS, right?

zoonderkins commented 4 years ago

It used to be, but I removed it a couple of hours ago.

obeho commented 4 years ago

Could you check Pull requests once?

obeho commented 4 years ago

Please whitelist thenextweb.us1.list-manage.com, it's a link from a newsletter; this is because of list-manage.com

For more information,

https://www.quora.com/Why-does-MailChimp-use-multiple-list-manage-com-domains/answer/Amanda-Egan-28?share=1

zoonderkins commented 4 years ago

thenextweb.us1.list-manage.com fixed

obeho commented 4 years ago

Thanks,

I had problems with https://doh-fi.blahdns.com/dns-query server 12.5hrs back, HTTP_ERROR displayed, both on my broadband connection, and mobile data. I checked with https://stats.blahdns.com/, it showed no downtime. Did you hear anything?

Still having timeouts, and very very long query times. With https://doh2.blahdns.com/dns-query too, but a little better.

zoonderkins commented 4 years ago

Is this situation still happening? Cuz my server is almost at a bottleneck.

Note, I can't guarantee service at this moment.

obeho commented 4 years ago

> I can't guarantee service at this moment.

Is the bottleneck problem only at the Finland server?

Now it's fine.

obeho commented 4 years ago

Are the Finland server queries forwarded to Germany? Coz I'm using https://doh-fi.blahdns.com/dns-query but dnsleak test shows

[Screenshot: DNS leak test]

zoonderkins commented 4 years ago

While the local DNS resolver is busy, it will forward to Quad9 upstream 9.9.9.9. Quad9 routes Finland traffic to the Germany PoP.

Note: you don't have to worry about the DNS leak. A DNS leak means the test result is the same as your ISP's default DNS. Also, upstream can't see your IP; all incoming IPs have been replaced with the Finland server IP.

obeho commented 4 years ago

Thanks @ookangzheng

> Automate AdBlock sources update on server / CDN

Can you tell how this is done? Is it direct .txt file updating from the links like https://raw.githubusercontent.com/........txt ?

zoonderkins commented 4 years ago

> Thanks @ookangzheng
>
> > Automate AdBlock sources update on server / CDN
>
> Can you tell how this is done? Is it direct .txt file updating from the links like https://raw.githubusercontent.com/........txt ?

It uploads to a file storage server, and the CDN PoPs will fetch the latest version to edge servers around the world.

obeho commented 4 years ago

👍

I observed that recently the response to domains in blacklist is changed from 0.0.0.0 to NXDOMAIN. Is there any specific reason? I'm asking because NXDOMAIN is considered an ambiguous choice, as it can be bad where clients try to resolve hostnames repeatedly as they don’t accept NXDOMAIN as reply, thereby polluting DNS queries. @ookangzheng

zoonderkins commented 4 years ago

By using Knot-resolver blocking domain via RPZ, it can be configured to return NXDOMAIN only.
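Added example (not part of the thread and not BlahDNS's own tooling): a sketch of the two operations discussed above, tracing which source list blocks a name, including through a parent entry as in the list-manage.com report, and rendering the merged list as RPZ records with an NXDOMAIN, NODATA or 0.0.0.0 policy. The list names and contents are constructed, and treating a listed name as also covering its subdomains is an assumption.

```python
import re

# Constructed sample lists (hypothetical names and contents) in the two formats
# the thread's sources use: hosts-file lines and bare domain lines.
SOURCES = {
    "hosts_list_a": "# c\n0.0.0.0 ads.example.net\n127.0.0.1 www.recaptcha.net\n127.0.0.1 localhost\n",
    "domain_list_b": "list-manage.com\ntracker.example.org # inline comment\n",
}
WHITELIST = {"www.recaptcha.net"}
HOSTS_IPS = {"0.0.0.0", "127.0.0.1", "::", "::1"}
VALID = re.compile(r"^(?=.{1,253}$)([a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?\.)+[a-z][a-z0-9-]{1,62}$")
# Standard RPZ policy encodings; owner names are relative to the RPZ zone origin.
ACTIONS = {"nxdomain": "CNAME .", "nodata": "CNAME *.", "null": "A 0.0.0.0"}

def parse_list(text):
    """Return the set of domains in a hosts-format or plain-domain list."""
    domains = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields and fields[0] in HOSTS_IPS:
            fields = fields[1:]          # drop the sink address of a hosts line
        for name in fields:
            name = name.lower().rstrip(".")
            if VALID.match(name):        # skips "localhost", bare IPs, junk
                domains.add(name)
    return domains

def explain(qname, sources):
    """Map each source to the listed name (exact or parent) that covers qname."""
    labels = qname.lower().rstrip(".").split(".")
    candidates = [".".join(labels[i:]) for i in range(len(labels) - 1)]
    hits = {}
    for src, text in sources.items():
        listed = parse_list(text)
        match = next((c for c in candidates if c in listed), None)
        if match:
            hits[src] = match
    return hits

def to_rpz(sources, whitelist, action="nxdomain"):
    """Merge sources into RPZ records; whitelisted names become passthru."""
    blocked = set().union(*(parse_list(t) for t in sources.values()))
    records = [f"{d} CNAME rpz-passthru." for d in sorted(whitelist)]
    for d in sorted(blocked - set(whitelist)):
        # Assumption: a listed name also covers its subdomains (wildcard record).
        records += [f"{d} {ACTIONS[action]}", f"*.{d} {ACTIONS[action]}"]
    return records

if __name__ == "__main__":
    print(explain("thenextweb.us1.list-manage.com", SOURCES))
    print("\n".join(to_rpz(SOURCES, WHITELIST)))
```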

obeho commented 4 years ago

Isn't 0.0.0.0 better than NXDOMAIN?

Please whitelist starsunfolded.com.

zoonderkins commented 4 years ago

domain: starsunfolded.com whitelisted.

I'm gonna close this issue. Pls, don't hesitate to submit a new issue again.

obeho commented 4 years ago

xnxx.com whitelist please

zoonderkins commented 4 years ago

Fixed. xnxx.com found on

  1. https://github.com/privacy-protection-tools/anti-AD
  2. https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
  3. https://github.com/neodevpro/neodevhost

obeho commented 4 years ago

docs.google.com whitelist please

zoonderkins commented 4 years ago

docs.google.com isn't in the blocklist though, try it again.

obeho commented 4 years ago

Now, it's loading. My firewall showed it as blocked by the resolver. I even checked the blahdns txt file, the domain was in it. Now, it was removed by whichever list it came from.

obeho commented 4 years ago

forum.xnxx.com whitelist please

obeho commented 4 years ago

I think you should replace Stevenblack master hosts list with his {Unified hosts + fakenews + gambling + social} list https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-social/hosts

Basically, whitelisting porn domains.

zoonderkins commented 4 years ago

image still include *.xnxx.com

obeho commented 4 years ago

Yeah, but those domains aren't necessary to use the site properly.

Lite, keep using the master list but whitelist xnxx.com & forum.xnxx.com . If the master hosts list becomes aggressive in the future, we can change it to {Unified hosts + fakenews + gambling + social} list.

I still can't access forum.xnxx.com, did you whitelist it?

zoonderkins commented 4 years ago

Already whitelisted.

obeho commented 4 years ago

sia.tech & www.sia.tech & www.godaddy.com whitelist please.

https://rescure.fruxlabs.com/rescure_domain_blacklist.txt blocklist is used at the blahdns servers, but the domain rescure.fruxlabs.com is blocked by another blocklist you use, https://kriskintel.com/feeds/ktip_covid_domains.txt (kriskintel removed the fruxlabs domain from their list just yesterday, update at blahdns will occur within 24hrs I think), but still, how reliable is fruxlabs?

I think www.godaddy.com came from https://kriskintel.com/ktip_corona.txt which is currently used at Blahdns servers. But kriskintel changed their Covid-19 Phishing Feed to https://kriskintel.com/feeds/ktip_covid_domains.txt which doesn't contain www.godaddy.com. So please update the kriskintel's source url. Do we trust a blocklist that was stupid enough to include godaddy.com in their list for 8 whole days?

zoonderkins commented 4 years ago

Removed kriskintel.com source from blacklist.

obeho commented 4 years ago

ouo.io whitelist please