Team Cymru / Spamhaus

SysIT IT at
Fri Jun 27 15:22:47 UTC 2014

That wont stop a DoS.

A DoS or DDoS is pure bandwidth wars for the most part, if someone is to DoS you, they already have your IP's and urls they need to attack you, thus a spam list won't stop an attack.

If you want to minimize actual spam, sure.

-----Original Message-----
From: NANOG [mailto:nanog-bounces at] On Behalf Of Adam Greene
Sent: Friday, June 27, 2014 9:18 AM
To: 'NANOG list'
Subject: Team Cymru / Spamhaus

Hi all,


We're evaluating whether to add BGP feeds from these two sources in attempt to minimize exposure to DoS.


The Team Cymru BOGON list ( or


looks promising and common-sense. 


We already filter RFC1918 inbound at our edge, and are interested to see if adding the rest of the blocks will have a significant positive effect.


If it does, we're planning to try the IPv4 FULLBOGON list:


We're a little more leery about trying Spamhaus's BGPf service (DROP, EDROP and BCL,



because we really want to avoid false positives. 


Just wondering if anyone has any words of caution ("False positives! Avoid FULLBOGONS and Spamhaus!"), or words of praise ("Do it all! These services are wonderful!") before we take the plunge.




More information about the NANOG mailing list