As far as I understood from the instructions on the link
https://ircbl.org/about the correct values to check in your case would be like this:
<dnsbl name="ircbl"
type="record"
domain="rbl.ircbl.org"
action="GLINE"
reason="[K-banned:[exp/comp] Compromised host on this IP. See http://ircbl.org/lookup?ip=%ip% for more information."
duration="1d"
records="21"
>
This is the same as if you manually check each proxy address using the command. For example, an IP address such as "103.241.227.110" is written in reverse order:
/dns 110.227.241.103.rbl.ircbl.org
If an answer is received in the form "127.0.0.21", this means that the IP address was found in the database lists of this DNSBL server as a (bad) address that is being used by attackers.
For those using my script, which is presented in the post #Post268254, you need to add a line inside the alias "proxyscanner_list":
.hadd -m ps-dnsbl rbl.ircbl.org 21
P.S. This method will require additional rechecking of whether it works at catching user connections through proxy addresses. You can report your observations here.
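The manual /dns check described in the post above, as an added Python example that is not part of the original post or of the poster's script. It assumes that a listing means a reply in 127.0.0.0/8 whose last octet matches the records value (21); the function names and the offline stand-in resolver are hypothetical.

```python
import ipaddress
import socket

ZONE = "rbl.ircbl.org"      # DNSBL zone from the post
LISTED_RECORDS = {21}       # records="21" from the post's <dnsbl> block


def dnsbl_query_name(ip, zone=ZONE):
    """Build the DNSBL query name: IPv4 octets reversed, then the zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("this sketch handles IPv4 only")
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolver(name):
    """Return the A records for name, or [] when the name does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []


def check_dnsbl(ip, resolver=system_resolver, zone=ZONE, records=LISTED_RECORDS):
    """Return (listed, matched_answers) for ip.

    Assumption: an address counts as listed only if an answer is in
    127.0.0.0/8 and its last octet is in `records`. No answer, or an answer
    outside 127/8 (e.g. a wildcarded or hijacked zone), means not listed.
    """
    matched = []
    for answer in resolver(dnsbl_query_name(ip, zone)):
        try:
            a = ipaddress.IPv4Address(answer)
        except ValueError:
            continue
        if a in ipaddress.ip_network("127.0.0.0/8") and a.packed[3] in records:
            matched.append(answer)
    return bool(matched), matched


if __name__ == "__main__":
    # Constructed stand-in for DNS so the demo runs offline.
    fake_zone = {"110.227.241.103.rbl.ircbl.org": ["127.0.0.21"]}
    fake = lambda name: fake_zone.get(name, [])
    for ip in ("103.241.227.110", "192.0.2.7"):
        print(ip, check_dnsbl(ip, resolver=fake))
```

Calling check_dnsbl(ip) without the resolver argument performs a real DNS lookup through the system resolver.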