Spamhaus BGP feed experiences?

John Levine johnl at iecc.com
Tue May 19 19:01:55 UTC 2015


In article <555B8313.5080400 at netassist.ua> you write:
>How much false positives (i.e. blackholing traffic users want to reach)?

Very little.  The DROP list, which is what's in the BGP feed, is a
small subset of the SBL, and only includes blocks that send no
legitimate traffic at all.


>
>On 18.05.15 21:04, Marco d'Itri wrote:
>> On May 17, Mike Lyon <mike.lyon at gmail.com> wrote:
>> 
>>> Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
>>> prevent against botnet, spam, etc? If so, how has your experience been? Is
>>> it worthwhile? Has it helped? On / off list responses are appreciated in
>>> advance.
>> We use Spamhaus DROP (not the BGP version: our software asks a human to 
>> review each change).
>> The benefits are not obvious since we do not have access customers, but 
>> it will blackhole some networks you obviously do not want to talk to,
>> and it has not caused any troubles either.
>> 
>





More information about the NANOG mailing list