RPZ with Spamhaus

RPZ with Spamhaus

Bind-Users forum mailing list
Hello,

I tried to understand how to use Spamhaus as an RPZ provider but without any success.
I'll use the non-commercial service at least for some time because I have a few servers and one or two users, the traffic is very low.

What I thought I should do first is be able to dig axfr the spamhaus rpz
$ dig axfr rpz.spamhaus.org @ns3.spamhaus.org
Of course I see a failed transfer

I registered in spamhaus but don't know how to be able to axfr the content of the zone

Regards


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users

Re: RPZ with Spamhaus

Tony Finch
Mik J via bind-users <[hidden email]> wrote:
>
> I registered in spamhaus but don't know how to be able to axfr the
> content of the zone

When you signed up for the free DROP RPZ account you should have received
an email with login details for spamhaus's customer portal. I think the
axfr server details can be found there. Note that the zone is called
drop.rpz.spamhaus.org (dbl.rpz.spamhaus.org is not available for free).

The DROP lists are freely available in plain text so if you are handy with
a bit of programming it isn't too hard to turn them into your own RPZ.
https://www.spamhaus.org/drop/

Tony.
--
f.anthony.n.finch  <[hidden email]>  http://dotat.at/
North Bailey: Variable 3 or 4. Moderate, occasionally slight later. Fair.
Good.
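
The conversion suggested in the message above (plain-text DROP list to a local RPZ), as an added example that is not part of the original thread. It assumes the list layout is `CIDR ; reference` with `;` comments; the zone name `drop.rpz.example.`, the SOA/NS values, the `CNAME .` (NXDOMAIN) action and the sample entries are constructed, and only IPv4 prefixes are encoded.

```python
import ipaddress

# Constructed sample in the DROP text layout: "CIDR ; reference", with ';'
# starting a comment. Documentation prefixes, not real Spamhaus listings.
SAMPLE_DROP = """\
; constructed sample
192.0.2.0/24 ; SBL000001
198.51.100.128/25 ; SBL000002
203.0.113.7 ; SBL000003

not-a-prefix ; SBL000004
2001:db8::/32 ; SBL000005
"""


def rpz_ip_owner(net):
    """RPZ IP trigger owner name: prefix length, then the octets reversed."""
    octets = str(net.network_address).split(".")
    return "%d.%s.rpz-ip" % (net.prefixlen, ".".join(reversed(octets)))


def drop_to_rpz(text, origin="drop.rpz.example.", serial=1):
    """Return (zone_text, skipped_lines); origin and serial are assumptions."""
    records, skipped = [], []
    for raw in text.splitlines():
        entry, _, note = raw.partition(";")
        entry = entry.strip()
        if not entry:
            continue  # blank line or comment-only line
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            skipped.append(raw)  # report bad input instead of guessing
            continue
        if net.version != 4:
            skipped.append(raw)  # IPv6 triggers use a different encoding
            continue
        # "CNAME ." is the RPZ policy action that answers NXDOMAIN.
        records.append("%s CNAME . ; %s" % (rpz_ip_owner(net), note.strip()))
    header = [
        "$ORIGIN %s" % origin,
        "$TTL 300",
        "@ SOA localhost. hostmaster.localhost. %d 3600 600 86400 300" % serial,
        "@ NS localhost.",
    ]
    return "\n".join(header + records) + "\n", skipped


if __name__ == "__main__":
    zone, skipped = drop_to_rpz(SAMPLE_DROP)
    print(zone)
    print("skipped:", skipped)
```

The generated file would be loaded as a primary zone and named in BIND's `response-policy` option; `rpz-ip` triggers match addresses that appear in DNS answers, not connecting clients.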

Re: RPZ with Spamhaus

Bind-Users forum mailing list
In reply to this post by Bind-Users forum mailing list
Hi there,

On Mon, 24 Jun 2019, Tony Finch wrote:
> Mik J via bind-users <[hidden email]> wrote:
> >
> > I registered in spamhaus but don't know how to be able to axfr the
> > content of the zone
>
> ... The DROP lists are freely available in plain text so if you are
> handy with bit of programming it isn't too hard to turn them into
> your own RPZ. ...

FWIW: a few years back, as an experiment I used the DROP lists exactly
that way for at least a couple of years.  In the entire time I saw not
a single connection from a listed IP.  My guess was that our upstream
provider (BT, aka British Telecom) were doing their job right and took
it out of service.

--

73,
Ged.

Re: RPZ with Spamhaus

Simon Forster
In reply to this post by Bind-Users forum mailing list

On 24 Jun 2019, at 13:16, G.W. Haywood via bind-users <[hidden email]> wrote:

> On Mon, 24 Jun 2019, Tony Finch wrote:
> > Mik J via bind-users <[hidden email]> wrote:
> > >
> > > I registered in spamhaus but don't know how to be able to axfr the
> > > content of the zone
> >
> > ... The DROP lists are freely available in plain text so if you are
> > handy with bit of programming it isn't too hard to turn them into
> > your own RPZ. ...
>
> FWIW: a few years back, as an experiment I used the DROP lists exactly
> that way for at least a couple of years.  In the entire time I saw not
> a single connection from a listed IP.  My guess was that our upstream
> provider (BT, aka British Telecom) were doing their job right and took
> it out of service.

The free DROP list is only a small subset of the Spamhaus (Deteque) data. Idea is that people can play with RPZ subscribing to an external service and stop the worst of the worst. If anyone wants to test more zones, a full list can be found at <https://docs.deteque.com/dns-firewall/docs/source/zones/intro.html>. Anyone on this list wanting to test the zones for themselves, ping me off list and I can get you a signup for six months free of charge — perhaps longer if we can come up with suitable reasons why. Just don’t tell a grumpy engineer who may be on this list too.

;-)

Self-evidently, I work for Spamhaus.

Simon
