Spamhaus BGP feed experiences?

[matthias at leisi.net (Matthias Leisi)]

At dnswl.org <http://dnswl.org/> we check our data against the DROP list every once in a while. The overlap of DROP with legitimate sources of SMTP traffic is very, very small: a low single-digit number, and most of them are crappy to start with (so we don?t publish them, but only keep them in our database for reference purposes). 

? Matthias

> Am 19.05.2015 um 20:38 schrieb Max Tulyev <maxtul at netassist.ua>:
> 
> How much false positives (i.e. blackholing traffic users want to reach)?
> 
> On 18.05.15 21:04, Marco d'Itri wrote:
>> On May 17, Mike Lyon <mike.lyon at gmail.com> wrote:
>> 
>>> Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
>>> prevent against botnet, spam, etc? If so, how has your experience been? Is
>>> it worthwhile? Has it helped? On / off list responses are appreciated in
>>> advance.
>> We use Spamhaus DROP (not the BGP version: our software asks a human to 
>> review each change).
>> The benefits are not obvious since we do not have access customers, but 
>> it will blackhole some networks you obviously do not want to talk to,
>> and it has not caused any troubles either.
>> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4109 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150520/a0d1468a/attachment.bin>