DNSBL.im Data Partner API Documentation

DNSBL.im provides a full JSON API for approved data providers. A data provider is anyone who can be trusted to provide data en masse to DNSBL.im.
If you would like to submit data to the blacklist make your request here. We are only accepting requests from providers who can submit large numbers of proxies and abusive hosts. Primarily those that run large server farms that can submit a lot of drone and malware data from IRC/fail2ban

Adding IPs to the DNSBL

Each request to the API is sent in JSON format, for example: {"key":"YOUR-API-KEY","addresses":[{"ip":"127.255.255.255", "type":255, "reason":"Insert good reason for adding an IP to the blacklist here"}]}

key Your API key provided to you upon approval
addresses An array of IP addresses and related information
addresses->ip The IP address being added
addresses->type The type of listing (See list types)
addresses->reason The reason for the listing

List Types

Type Description
1 Tor
2 Open HTTP(S) Proxy
3 Open Socks 4/5 Proxy
4 Open Router
5 Abusive IP
6 ZNC Provider Abusers
7 Compromised MTA/Mail Servers
250 Testing 6
251 Testing 5
252 Testing 4
253 Testing 3
254 Testing 2
255 Testing 1

The API allows you to add 1 or more IP addresses to the database in a single request. An example for curl would be:

To add multiple IP addresses would look something like this:

Fail2ban

If you are using fail2ban you should be able to use the curl commands above to blacklist IP addresses that fail to bruteforce your machine’s services. Please use the following format for the reason:  FAIL2BAN:<name>:<time>:<failures> .

An example of your fail2ban configuration would look something like this: