Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SpamList for pfBlockerNG

    Scheduled Pinned Locked Moved
    pfBlockerNG
    2
    5
    2.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sorenstoutner
      last edited by

      SpamList is a RBL list for pfBlockerNG.  It is composed of IP addresses that have sent my email server spam over the years that made it through my other spam filtering.  I have been running it as a private list but decided to make it publically available.  You are welcome to use it for any purpose, personal or commercial.  It can be accessed at:

      https://spamlist.smallbusinesstech.net/spamlist.txt

      I normally update the list once or twice a week, so I would recommend either a weekly or a daily refresh in pfBlockerNG.  More information can be found at https://www.smallbusinesstech.net/spamlist.

      1 Reply Last reply Reply Quote 0
      • S
        sorenstoutner
        last edited by

        I have updated the URL for SpamList and added a second RBL list called HackerList https://forum.pfsense.org/index.php?topic=111756.0.

        The new URL for SpamList is:

        https://pfblockerlists.smallbusinesstech.net/spamlist.txt

        The old URL will continue to function for a time, but eventually it will be decomissioned.

        1 Reply Last reply Reply Quote 0
        • S
          sorenstoutner
          last edited by

          I migrated my webserver from Plone on Windows to Wordpress on Linux (Debian).  As a result, the URL for more information about SpamList has moved to https://www.smallbusinesstech.net/pfblocker-lists/.  The URL for accessing SpamList has not changed.

          1 Reply Last reply Reply Quote 0
          • M
            moscato359
            last edited by

            Do you prune your IP lists over time?

            Sometimes old IPs get released, and handed to someone else.

            Most lists only keep the last 30 days at longest.

            1 Reply Last reply Reply Quote 0
            • S
              sorenstoutner
              last edited by

              @moscato359:

              Do you prune your IP lists over time?

              Sometimes old IPs get released, and handed to someone else.

              Most lists only keep the last 30 days at longest.

              I only remove IP address if I am contacted by the current owner of the IP address and our interactions convince me that the IP address is not likely to send out spam in the future.

              The bulk of the IP addresses in SpamList fall into one of two categories:

              1.  Machines at hosting providers who don't care if their clients use their systems to send out spam.  Even if the current customer gives up and stops paying to use those IP addresses to send out spam, it is likely that in the future some other customer will pick them up and start sending out spam.

              2.  Compromised machines that are being used to send out spam.  Even if the machine is cleaned up, most people who are compromised once will be compromised again repeatedly.  So it is likely their IP address will send out spam in the future.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post