Just a little while ago I got a jabber message like so:
host valhalla.seastrom.com <http://valhalla.seastrom.com/> [184.108.40.206]: 550-Access denied - x.y.z.y listed by dnsbl.ahbl.org <http://dnsbl.ahbl.org/>
550 List shut down. See: http://www.ahbl.org/content/last-notice-wildcarding-services-jan-1st
I’ve seen this cute move before. What happens is that someone gets tired of running a <a href=https://en.wikipedia.org/wiki/DNSBL>DNSBL</a>, and shuts it down, then gets tired of dealing with all the traffic. Just barely clueful enough to know what DNS wildcarding is, they decide they’ll show us, those of us who were stupid enough to rely on their service in the first place, and start RBLing everyone, returning false positives for the entire universe.
If they wanted the traffic to largely go away, rather than being childish and screwing people who once held them in high enough regard to rely on their RBL, they could have simply turned what was once the DNSBL domain (in this case dnsbl.ahbl.org) into a subdomain (with a zone cut). That means they delegate it via an NS record with a nice high TTL, say a week to a month, to a harmless nameserver, say, 127.0.0.1 (that being the QUERYING nameserver’s loopback, not their own address) so that the people querying it will eat a SERVFAIL and go away for days to weeks before querying again.
Of course it goes without saying that if you’re ever in a position to hire someone who’s done this, you should probably turn down the opportunity as it raises some serious doubts about said individual’s professionalism and responsibility.