From Nov 2017...

J Crowe jcrowe215 at
Tue Apr 3 02:43:03 UTC 2018

That database could possibly be ingested and used locally. Traffic may not
even be traversing to the database hosted by IBM.

At least they are open about where they are getting the data that allows
for blocking to certain FQDNs.

On Mon, Apr 2, 2018 at 10:36 PM, Seth Mattinen <sethm at> wrote:

> On 4/2/18 7:24 PM, Robert Mathews (OSIA) wrote:
>> To be clear.....
>> *DNS resolver will check requests against IBM threat database*
> To be clear on what? That an IBM database is queried, just like it says on
> their website? That doesn't mean they are recording who is making what
> requests.

More information about the NANOG mailing list