We made some updates to our support system yesterday and as a consequence, our contact email was down for a half-day. We messed up and we’re sorry. If you wrote in during that time, please give us another chance and resend your email. We’ll be snappy in our reply.

OpenDNS’s typo correction feature helps smooth one of the Internet’s daily annoyances. But for URIBLs (a kind of blacklist used by mail servers), typo correction has always been a deal breaker.

No longer!

Back in August 2006, we enhanced our nameserver software to stop doing typo correction for DNSBLs. Now, URIBLs can get the same special treatment. In fact, the popular URIBLs hosted at these three domains already do:

• surbl.org
• uribl.com
• uribl.org

If you previously disabled typo correction so you could use one of these URIBLs, you can now re-enable it.

And if you run a URIBL and would like us to add your domain to our URIBL list, please provide us with details either in the comments here or via our contact form. We’ll keep the latest list in our knowledge base.

By the way, our thanks go to the folks at SURBL and URIBL.COM for their assistance with this project.

Update: While we encourage people to write code using the PhishTank API, this specific offer is no longer valid.

We’re looking for someone to write some sample (but working) code to help test an anti-phishing database API we’ve developed and are about to release for public use (for free!). We are busy working on a ton of projects right now and rather than divert our attention to writing plugins and extensions for apps we aren’t familiar with we figured we could pay one or two of you to do it for us instead. The code will be licensed under an open-source approved license, probably the Mozilla license, or something even more open. We basically just want our API to have some example implementations when we launch it next week.

Here’s the problem: time is of the essence! We want to have something ready to go public October 2nd, which means we really want to see a test version by Friday, September 29th. This will give us enough time to work out any bugs (in your code or our API) by the morning of Monday, October 2nd. That’s only a week from today (yikes!).

I want to offer some good incentives for you, especially since time is short. Feel free to pick some or all of the following:

• $300 for a Thunderbird extension which scans an email for URLs and checks them against our API and optionally submits suspected URLs from phishing emails into our API.
• $100 for a SpamAssassin plugin which just scans an email for URLs and checks them against our API
• $100 for another equally as cool open source project like Squid Cache, per our approval via email.
• A free lunch w/ our CEO at a good restaurant if you’re willing to come into San Francisco to have it. Our CEO (me) has good taste and gets to decide what a ‘good restaurant’ is, but it’ll be good.
• A blog post saying how much you rock.
• If you really are good, we are hiring and this is a fast-track way to get through the interview process.

Since you will be one of the first to use our API it might require some back and forth with us as we tune our API. It would help if you used Yahoo IM or AIM and spoke English. Other than that, we are pretty flexible about who you are. We posted a listing at RentACoder for a Thunderbird hacker but haven’t had any bites yet which is why we’re posting here. Unless you hear from us directly (John Roberts or myself) that you are hired, we make no guarantees.

You can post general questions here on the blog but specific questions should be sent to us via email (firstname at opendns dot com will get to John or myself).

I’m doing this blog post in two pieces; a short explanation up top and then a more technical explanation down below. Pick one or read both and learn a bit.

Just the facts

If you want to use OpenDNS nameservers and DNSBLs (DNS real-time Blacklists) on the same server, computer or network, go right ahead. We’ve rolled out a new feature today that allows you to use our much-loved typo-correction service without worrying about blocking email if you’re running a mail server, too. We went ahead and rolled this out as as a system upgrade so there’s no new preference for it. We’ve updated the FAQ entry on mail servers accordingly. Now DNSBL spam prevention and typo-correction go together like peanut butter and jelly (or chocolate… your choice).

If you were previously not using the typo-correction service because you also ran a mail server then head on over to the preferences page and re-enable it.

Talk nerdy to me

DNSBLs carry information about known IP addresses in their zone of DNS. This is often used to combat spam because a mail server can ask a DNSBL “Do you know anything about this IP?” They cleverly use the DNS to make this process quick and seamless. A mail server that gets a request to deliver mail from 192.168.1.2 asks a DNSBL: “Do you know anything about 2.1.168.192.in.yourdnsbl.tld?” and the DNSBL either says “yes I do” or “no I don’t.” The problem is created because when a mail server is using OpenDNS and asks us to correct typos, we interpret the “no I don’t” answer (called RCODE=3 or NXDOMAIN) as a typo that should be forwarded off to our typo-correction service. This causes a mail server to not see the “no I don’t” and instead believe that the answer was “yes I do” which can cause a mail server to block a message thinking it’s from a spam sender. Previously, the only way to fix this was to disable typo correction, one of the benefits of using OpenDNS.

Our solution has been to disable typo-correction for DNSBL-matching requests. What’s a DNSBL-matching request? Any request greater than six labels which has four numerical octets within the IPv4 addressing space for the last-most labels is considered a DNSBL-style request. This wasn’t offered as a preference as turning this off would only lead to confusion, especially with typo-correction enabled.

End of the story? You can get the typo-correction you want and run a mail-server that uses DNSBLs without worrying. Enjoy!