<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div class="moz-cite-prefix">On 2020-02-06 07:21, George Rosamond
<pre class="moz-quote-pre" wrap="">Curious to hear about others dealing with (external) blacklists/RBLs,
both from the perspective of getting removed from them or using them
defensively. I'm not referring to blacklists generated locally by spamd
etc. And it's certainly beyond just MTA IPs.
(Yes, I know this seems like a back to 1999 discussion about ???haus,
extortion and email...)
I know there are (still) good and bad lists. I'm finding something
annnoying about an alleged usenix site
(<a class="moz-txt-link-freetext" href="http://www.usenix.org.uk/content/rbl.html">http://www.usenix.org.uk/content/rbl.html</a>). There are lists that aren't
really blacklists, but rather just Tor IP addresses (both all the public
Tor IPs and also just Tor exit nodes).
There's some interesting stuff to dive into here:
<a class="moz-txt-link-freetext" href="https://github.com/hslatman/awesome-threat-intelligence">https://github.com/hslatman/awesome-threat-intelligence</a>
including apility.io, firehol's, and abuseipb.com, some of which have APIs.
So some questions would be:
* Are there public lists that others trust and utilize either
defensively or that they work to keep off of?
* Does NANOG and similiar groups have some list that I can't find?
* are RBLs now just a playground for the Ciscos etc as proprietary services?
I'm glad you brought this up. Just last week I wanted to improve my
ad filtering at home and was reading up on the pi-hole linux stuff (<a
href="https://pi-hole.net/" rel="noopener" class="result__url
and it looked pretty neat but seems really linux specific.<br>
i ended up deploying pfblockerNG on my pfsense router at home. i
personally think this is still a valid way to add an additional
layer of security to a network. i'm not sure i'd go as far as
implementing this on a per-host basis in a server environment, but
for helping protect networks it seems pretty sweet.<br>
i understand that this doesn't really address your original question
about using RBLs for mail servers, but it looked like there were
still loads of very active and open filtering lists out there...<br>
<pre class="moz-signature" cols="72">--
<a class="moz-txt-link-abbreviated" href="mailto:email@example.com">firstname.lastname@example.org</a>