Environment
Any version of GWAVA
Situation
How does a RBL or SURBL lookup work?
Resolution
RBL/SURBL use DNS lookups to check against their blacklists.
To understand how this process works we need to first understand how normal DNS works. For example, if I type google.com in my web browser, the browser then does a DNS lookup to find the IP address for google.com. Once I have the IP address my browser can access the resources for the web page. Think of a DNS server as a phone book, it ties names to internet addresses.
RBL/SURBL works much the same way with a few exceptions. If the uri 'www.freeviagra.com' appears in an email, GWAVA contacts their DNS server and asks it to do a lookup on 'freeviagra.com.multi.surbl.org' (notice the surbl server attached on to the domain). The DNS server will in the end contact multi.surbl.org and ask if it recognizes that domain. Multi.surbl.org will return a simple, yes I recognize that domain (meaning block it, because it is on my blacklist), or no I don't recognize that address (meaning that domain is not blacklisted). DNS is merely the method used to check their blacklists.