[talk] blacklists

George Rosamond george at ceetonetechnology.com
Thu Feb 6 10:21:34 EST 2020


Curious to hear about others dealing with (external) blacklists/RBLs,
both from the perspective of getting removed from them or using them
defensively. I'm not referring to blacklists generated locally by spamd
etc. And it's certainly beyond just MTA IPs.

(Yes, I know this seems like a back to 1999 discussion about ???haus,
extortion and email...)

I know there are (still) good and bad lists. I'm finding something
annnoying about an alleged usenix site
(http://www.usenix.org.uk/content/rbl.html). There are lists that aren't
really blacklists, but rather just Tor IP addresses (both all the public
Tor IPs and also just Tor exit nodes).

There's some interesting stuff to dive into here:

https://github.com/hslatman/awesome-threat-intelligence

including apility.io, firehol's, and abuseipb.com, some of which have APIs.

So some questions would be:

* Are there public lists that others trust and utilize either
defensively or that they work to keep off of?

* Does NANOG and similiar groups have some list that I can't find?

* are RBLs now just a playground for the Ciscos etc as proprietary services?

g

PS... i appreciate the offlist replies I get from posts, but public is
preferred if possible.




More information about the talk mailing list