#dnsbl — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #dnsbl, aggregated by home.social.
-
🇬🇧 DNS Blocklists with OPNsense and Unbound
OPNsense is a modern, FreeBSD-based firewall that offers a wide range of network features, including firewall, routing, and VPN, and can be easily extended using various plugins. In this blog post, I’ll show you how to use OPNsense and Unbound for DNS blocklists.
https://www.thierolf.org/en/posts/2026/dns-blocklists-mit-opensense-und-unbound/
-
🇬🇧 DNS Blocklists with OPNsense and Unbound
OPNsense is a modern, FreeBSD-based firewall that offers a wide range of network features, including firewall, routing, and VPN, and can be easily extended using various plugins. In this blog post, I’ll show you how to use OPNsense and Unbound for DNS blocklists.
https://www.thierolf.org/en/posts/2026/dns-blocklists-mit-opensense-und-unbound/
-
🇬🇧 DNS Blocklists with OPNsense and Unbound
OPNsense is a modern, FreeBSD-based firewall that offers a wide range of network features, including firewall, routing, and VPN, and can be easily extended using various plugins. In this blog post, I’ll show you how to use OPNsense and Unbound for DNS blocklists.
https://www.thierolf.org/en/posts/2026/dns-blocklists-mit-opensense-und-unbound/
-
🇬🇧 DNS Blocklists with OPNsense and Unbound
OPNsense is a modern, FreeBSD-based firewall that offers a wide range of network features, including firewall, routing, and VPN, and can be easily extended using various plugins. In this blog post, I’ll show you how to use OPNsense and Unbound for DNS blocklists.
https://www.thierolf.org/en/posts/2026/dns-blocklists-mit-opensense-und-unbound/
-
🇩🇪 DNS Blocklists mit OPNsense und Unbound
OPNsense ist eine moderne, auf FreeBSD basierende Firewall, welche umfangreiche Netzwerkfunktionen wie Firewall, Routing, VPN anbietet und sich durch verschiedene Plugins auf einfache Weise erweitern lässt. In meinem Blog Post zeige ich, wie OPNsense und Unbound für DNS Blocklists verwendet werden kann.
https://www.thierolf.org/de/posts/2026/dns-blocklists-mit-opensense-und-unbound/#dns-lasttest
-
🇩🇪 DNS Blocklists mit OPNsense und Unbound
OPNsense ist eine moderne, auf FreeBSD basierende Firewall, welche umfangreiche Netzwerkfunktionen wie Firewall, Routing, VPN anbietet und sich durch verschiedene Plugins auf einfache Weise erweitern lässt. In meinem Blog Post zeige ich, wie OPNsense und Unbound für DNS Blocklists verwendet werden kann.
https://www.thierolf.org/de/posts/2026/dns-blocklists-mit-opensense-und-unbound/#dns-lasttest
-
🇩🇪 DNS Blocklists mit OPNsense und Unbound
OPNsense ist eine moderne, auf FreeBSD basierende Firewall, welche umfangreiche Netzwerkfunktionen wie Firewall, Routing, VPN anbietet und sich durch verschiedene Plugins auf einfache Weise erweitern lässt. In meinem Blog Post zeige ich, wie OPNsense und Unbound für DNS Blocklists verwendet werden kann.
https://www.thierolf.org/de/posts/2026/dns-blocklists-mit-opensense-und-unbound/#dns-lasttest
-
🇩🇪 DNS Blocklists mit OPNsense und Unbound
OPNsense ist eine moderne, auf FreeBSD basierende Firewall, welche umfangreiche Netzwerkfunktionen wie Firewall, Routing, VPN anbietet und sich durch verschiedene Plugins auf einfache Weise erweitern lässt. In meinem Blog Post zeige ich, wie OPNsense und Unbound für DNS Blocklists verwendet werden kann.
https://www.thierolf.org/de/posts/2026/dns-blocklists-mit-opensense-und-unbound/#dns-lasttest
-
Bueno, parece que los ataques de scraping estan cesando o por lo menos el bloqueo del firewall está siendo exitoso y permite más o menos respirar al servidor. Como últimas novedades, ayer terminé de migrar las listas de bloque de Alias y reglas manuales, a listas dinámicas automáticas, aparte de que agregué algunas más que estaban faltando. Las listas dinámicas corren en bajo nivel en el firewall y aprovechan el motor pf packet filter que hace famoso a pf-Sense. Eso quedó lujo y los tests que corrí muestran que el firewall ni se despeina filtrando unas 50k IPs. También en el proxy Nginx dejé corriendo CrowdSec junto con Fail2ban y ahora ambos alimentan de IPs maliciosas que detectan, al pf-Sense que las bloquea para toda la red. CrowdSec fue sugerencia de @j3j5 y luego de @ElenaMusk y valió la pena porque solo lo conocía de nombre, nunca lo había probado, muchas gracias por el apoyo y la ayuda. Pensé que era similar a Fail2ban pero se nota que es mucho más moderno y agarra IPs que Fail2ban no agarra, justamente por el análisis decomportamiento. Yo creo que estamos bastante bien ahora, con pfBlocker-NG, Suricata y DNSBL corriendo en pf-Sense y Fail2ban y CrowdSec corriendo en el proxy que a su vez retroalimenta a pf-Sense. #pfsense #crowdsec #dnsbl #suricata #seguridad #undernet #mastodon
-
Bueno, parece que los ataques de scraping estan cesando o por lo menos el bloqueo del firewall está siendo exitoso y permite más o menos respirar al servidor. Como últimas novedades, ayer terminé de migrar las listas de bloque de Alias y reglas manuales, a listas dinámicas automáticas, aparte de que agregué algunas más que estaban faltando. Las listas dinámicas corren en bajo nivel en el firewall y aprovechan el motor pf packet filter que hace famoso a pf-Sense. Eso quedó lujo y los tests que corrí muestran que el firewall ni se despeina filtrando unas 50k IPs. También en el proxy Nginx dejé corriendo CrowdSec junto con Fail2ban y ahora ambos alimentan de IPs maliciosas que detectan, al pf-Sense que las bloquea para toda la red. CrowdSec fue sugerencia de @j3j5 y luego de @ElenaMusk y valió la pena porque solo lo conocía de nombre, nunca lo había probado, muchas gracias por el apoyo y la ayuda. Pensé que era similar a Fail2ban pero se nota que es mucho más moderno y agarra IPs que Fail2ban no agarra, justamente por el análisis decomportamiento. Yo creo que estamos bastante bien ahora, con pfBlocker-NG, Suricata y DNSBL corriendo en pf-Sense y Fail2ban y CrowdSec corriendo en el proxy que a su vez retroalimenta a pf-Sense. #pfsense #crowdsec #dnsbl #suricata #seguridad #undernet #mastodon
-
Bueno, parece que los ataques de scraping estan cesando o por lo menos el bloqueo del firewall está siendo exitoso y permite más o menos respirar al servidor. Como últimas novedades, ayer terminé de migrar las listas de bloque de Alias y reglas manuales, a listas dinámicas automáticas, aparte de que agregué algunas más que estaban faltando. Las listas dinámicas corren en bajo nivel en el firewall y aprovechan el motor pf packet filter que hace famoso a pf-Sense. Eso quedó lujo y los tests que corrí muestran que el firewall ni se despeina filtrando unas 50k IPs. También en el proxy Nginx dejé corriendo CrowdSec junto con Fail2ban y ahora ambos alimentan de IPs maliciosas que detectan, al pf-Sense que las bloquea para toda la red. CrowdSec fue sugerencia de @j3j5 y luego de @ElenaMusk y valió la pena porque solo lo conocía de nombre, nunca lo había probado, muchas gracias por el apoyo y la ayuda. Pensé que era similar a Fail2ban pero se nota que es mucho más moderno y agarra IPs que Fail2ban no agarra, justamente por el análisis decomportamiento. Yo creo que estamos bastante bien ahora, con pfBlocker-NG, Suricata y DNSBL corriendo en pf-Sense y Fail2ban y CrowdSec corriendo en el proxy que a su vez retroalimenta a pf-Sense. #pfsense #crowdsec #dnsbl #suricata #seguridad #undernet #mastodon
-
Bueno, parece que los ataques de scraping estan cesando o por lo menos el bloqueo del firewall está siendo exitoso y permite más o menos respirar al servidor. Como últimas novedades, ayer terminé de migrar las listas de bloque de Alias y reglas manuales, a listas dinámicas automáticas, aparte de que agregué algunas más que estaban faltando. Las listas dinámicas corren en bajo nivel en el firewall y aprovechan el motor pf packet filter que hace famoso a pf-Sense. Eso quedó lujo y los tests que corrí muestran que el firewall ni se despeina filtrando unas 50k IPs. También en el proxy Nginx dejé corriendo CrowdSec junto con Fail2ban y ahora ambos alimentan de IPs maliciosas que detectan, al pf-Sense que las bloquea para toda la red. CrowdSec fue sugerencia de @j3j5 y luego de @ElenaMusk y valió la pena porque solo lo conocía de nombre, nunca lo había probado, muchas gracias por el apoyo y la ayuda. Pensé que era similar a Fail2ban pero se nota que es mucho más moderno y agarra IPs que Fail2ban no agarra, justamente por el análisis decomportamiento. Yo creo que estamos bastante bien ahora, con pfBlocker-NG, Suricata y DNSBL corriendo en pf-Sense y Fail2ban y CrowdSec corriendo en el proxy que a su vez retroalimenta a pf-Sense. #pfsense #crowdsec #dnsbl #suricata #seguridad #undernet #mastodon
-
Bueno, parece que los ataques de scraping estan cesando o por lo menos el bloqueo del firewall está siendo exitoso y permite más o menos respirar al servidor. Como últimas novedades, ayer terminé de migrar las listas de bloque de Alias y reglas manuales, a listas dinámicas automáticas, aparte de que agregué algunas más que estaban faltando. Las listas dinámicas corren en bajo nivel en el firewall y aprovechan el motor pf packet filter que hace famoso a pf-Sense. Eso quedó lujo y los tests que corrí muestran que el firewall ni se despeina filtrando unas 50k IPs. También en el proxy Nginx dejé corriendo CrowdSec junto con Fail2ban y ahora ambos alimentan de IPs maliciosas que detectan, al pf-Sense que las bloquea para toda la red. CrowdSec fue sugerencia de @j3j5 y luego de @ElenaMusk y valió la pena porque solo lo conocía de nombre, nunca lo había probado, muchas gracias por el apoyo y la ayuda. Pensé que era similar a Fail2ban pero se nota que es mucho más moderno y agarra IPs que Fail2ban no agarra, justamente por el análisis decomportamiento. Yo creo que estamos bastante bien ahora, con pfBlocker-NG, Suricata y DNSBL corriendo en pf-Sense y Fail2ban y CrowdSec corriendo en el proxy que a su vez retroalimenta a pf-Sense. #pfsense #crowdsec #dnsbl #suricata #seguridad #undernet #mastodon
-
📢 FINAL REMINDER | From tomorrow we will start to restrict access to Oracle IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service - changes to config take minutes.
Sign up here 👇
https://www.spamhaus.com/data-access/free-data-query-service/ -
📆 From next week we will start to restrict access to Oracle IP addresses querying our DNSBLs. To stay protected by the data register for Spamhaus Technology's FREE Data Query Service - it takes minutes to change config 👇
https://www.spamhaus.com/data-access/free-data-query-service/ -
📢 Oracle users | From April 8th, we will begin restricting access to the free DNSBLs for those querying via Oracle’s network. To stay protected, sign up to access the data via Spamhaus Technology’s free Data Query Service. Read more 👇
https://www.spamhaus.org/resource-hub/email-security/querying-our-dnsbls-via-oracle
-
Zur zeit nutze ich unter #OPNsense #UnboundDNS mit den eingebauten Blocklisten. Was mir aber auffällt dass es keine speziellen Soziale Listen existieren um z.B Facebook zu blockieren. Finde ich schade und nervt. Die Filterlisten als URL eingebunden funktionieren auch nicht wie ich es mag, kann aber auch sein das die Listen einfach nicht UnboundDNS kompatibel sind. Bin etwas genervt.
-
📣 SERVICE UPDATE | From April 8th, access will start to be restricted to those querying our free DNSBLs via Oracle’s network. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/querying-the-free-dnsbls-via-oracle/Sign-up for Spamhaus Technology’s free DQS, to ensure there are no issues with your email filtering 👉 https://www.spamhaus.com/data-access/free-data-query-service/
-
📣 SERVICE UPDATE | From April 8th, access will start to be restricted to those querying our free DNSBLs via Oracle’s network. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/querying-the-free-dnsbls-via-oracle/Sign-up for Spamhaus Technology’s free DQS, to ensure there are no issues with your email filtering 👉 https://www.spamhaus.com/data-access/free-data-query-service/
-
📣 SERVICE UPDATE | From April 8th, access will start to be restricted to those querying our free DNSBLs via Oracle’s network. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/querying-the-free-dnsbls-via-oracle/Sign-up for Spamhaus Technology’s free DQS, to ensure there are no issues with your email filtering 👉 https://www.spamhaus.com/data-access/free-data-query-service/
-
📣 SERVICE UPDATE | From April 8th, access will start to be restricted to those querying our free DNSBLs via Oracle’s network. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/querying-the-free-dnsbls-via-oracle/Sign-up for Spamhaus Technology’s free DQS, to ensure there are no issues with your email filtering 👉 https://www.spamhaus.com/data-access/free-data-query-service/
-
📣 SERVICE UPDATE | From April 8th, access will start to be restricted to those querying our free DNSBLs via Oracle’s network. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/querying-the-free-dnsbls-via-oracle/Sign-up for Spamhaus Technology’s free DQS, to ensure there are no issues with your email filtering 👉 https://www.spamhaus.com/data-access/free-data-query-service/
-
I started to suspect that both my Apple TV and Homepod Mini were being naughty children making DNS queries to servers other than my local one.
So put together a list of the bigger public IPv4 and IPv6 DNS servers, then added a firewall rule rejecting all traffic to them from all devices other than my AdGuard Home server.
And guess what I found - I was right. Unauthorised communication with Cloudflare, and avoiding my AdGuard Home server.
-
If @spamhaus incorrectly marks a mail server as a spammer, then the process is clear.
But what do you do if the mail server is incorrectly marked as an "open resolver" and you therefore cannot query DNSBLs? 😂
😶🌫️
I just had this case with a customer.
-
❌ The short answer is no — our datasets are free only for low-volume, non-commercial use. Not sure if that’s you? Check our Fair Use Policy:
👉 https://www.spamhaus.org/blocklists/dnsbl-fair-use-policy/If you need data for commercial use, IP and domain reputation data is made available at an enterprise-level via Spamhaus Technology (free and paid for accounts available).
-
📣 TODAY we will start to restrict access to KT (Korea Telecom) IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service. It takes minutes to change the config - register here:
👉 https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 TODAY we will start to restrict access to KT (Korea Telecom) IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service. It takes minutes to change the config - register here:
👉 https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 TODAY we will start to restrict access to KT (Korea Telecom) IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service. It takes minutes to change the config - register here:
👉 https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 TODAY we will start to restrict access to KT (Korea Telecom) IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service. It takes minutes to change the config - register here:
👉 https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 TODAY we will start to restrict access to KT (Korea Telecom) IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service. It takes minutes to change the config - register here:
👉 https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
#lazymastodon #ipv6 #DNSBL question:
I'm having spam trouble again. What's the theory (or just the practice) behind DNSBL for IPv6 addresses? The cheapest VPSes get 48 to 64 bit subnets; blocking individual addresses can't be the solution, but neither can be blocking a complete /64 residential or mobile access network when a single address in there misbehaves. -
📣 Korea Telecom users | From September 17th, we will begin restricting access to the free DNSBLs for those querying via KT’s infrastructure. To stay protected, sign up to access the data via Spamhaus Technology’s free Data Query Service.
Learn more here👇
https://www.spamhaus.org/resource-hub/email-security/query-the-legacy-dnsbls-via-korea-telecom -
Sign-up here for Spamhaus Tech’s free DQS, to ensure there are no issues with your email filtering ⤵️
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ -
Sign-up here for Spamhaus Tech’s free DQS, to ensure there are no issues with your email filtering ⤵️
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ -
Sign-up here for Spamhaus Tech’s free DQS, to ensure there are no issues with your email filtering ⤵️
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ -
Sign-up here for Spamhaus Tech’s free DQS, to ensure there are no issues with your email filtering ⤵️
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ -
Sign-up here for Spamhaus Tech’s free DQS, to ensure there are no issues with your email filtering ⤵️
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ -
❗ TODAY we will start to restrict access to Microsoft IP addresses querying our DNSBLs. Register for Spamhaus Technology's FREE Data Query Service to stay protected by the data - it takes minutes to change config.
Sign up here ➡️ https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 FINAL REMINDER | From tomorrow we will start to restrict access to Microsoft IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service - changes to config take minutes.
Sign up here ➡️ https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 FINAL REMINDER | From tomorrow we will start to restrict access to Microsoft IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service - changes to config take minutes.
Sign up here ➡️ https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 FINAL REMINDER | From tomorrow we will start to restrict access to Microsoft IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service - changes to config take minutes.
Sign up here ➡️ https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 FINAL REMINDER | From tomorrow we will start to restrict access to Microsoft IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service - changes to config take minutes.
Sign up here ➡️ https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 FINAL REMINDER | From tomorrow we will start to restrict access to Microsoft IP addresses querying our DNSBLs. To stay protected by the data, register for Spamhaus Technology's FREE Data Query Service - changes to config take minutes.
Sign up here ➡️ https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
📣 Microsoft users | From April 9th, we will begin restricting access to the free DNSBLs for those querying via Microsoft’s infrastructure. To stay protected, sign up to access the data via Spamhaus Technology’s free Data Query Service.
Learn more here 👇
https://www.spamhaus.org/resource-hub/email-security/query-the-legacy-dnsbls-via-microsoft-move-to-spamhaus-technology-s-free-data-query-service/ -
📣 SERVICE UPDATE | From April 9th, access will start to be restricted to those querying the free DNSBLs via Microsoft’s infrastructure. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/query-the-legacy-dnsbls-via-microsoft-move-to-spamhaus-technology-s-free-data-query-service/
Sign-up for Spamhaus Technology’s free Data Query Service, to ensure there are no issues with your email filtering:
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ -
📣 SERVICE UPDATE | From April 9th, access will start to be restricted to those querying the free DNSBLs via Microsoft’s infrastructure. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/query-the-legacy-dnsbls-via-microsoft-move-to-spamhaus-technology-s-free-data-query-service/
Sign-up for Spamhaus Technology’s free Data Query Service, to ensure there are no issues with your email filtering:
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ -
📣 SERVICE UPDATE | From April 9th, access will start to be restricted to those querying the free DNSBLs via Microsoft’s infrastructure. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/query-the-legacy-dnsbls-via-microsoft-move-to-spamhaus-technology-s-free-data-query-service/
Sign-up for Spamhaus Technology’s free Data Query Service, to ensure there are no issues with your email filtering:
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ -
📣 SERVICE UPDATE | From April 9th, access will start to be restricted to those querying the free DNSBLs via Microsoft’s infrastructure. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/query-the-legacy-dnsbls-via-microsoft-move-to-spamhaus-technology-s-free-data-query-service/
Sign-up for Spamhaus Technology’s free Data Query Service, to ensure there are no issues with your email filtering:
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/ -
📣 SERVICE UPDATE | From April 9th, access will start to be restricted to those querying the free DNSBLs via Microsoft’s infrastructure. Full info here👇
https://www.spamhaus.org/resource-hub/email-security/query-the-legacy-dnsbls-via-microsoft-move-to-spamhaus-technology-s-free-data-query-service/
Sign-up for Spamhaus Technology’s free Data Query Service, to ensure there are no issues with your email filtering:
https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/