Emerging Threats is a collection point for a number of security projects, mostly related to Intrusion Detection and Network Traffic Analysis.Their primary project is the Emerging Threats Snort Ruleset contributed and maintained by the security community. You can get information about many others on their All Projects Page. At the moment of writing the blocklist contains the following: Several malware C&C servers (Feodo, Zeus, Spyeye, Palevo).DShield provides a platform for users of firewalls to share intrusion information. Spamhaus drop list: The Spamhaus DROP (Don’t Route Or Peer) lists are advisory “drop all traffic” lists, consisting of netblocks that are “hijacked” or leased by professional spam or cyber-crime operations (used for dissemination of malware, trojan downloaders, botnet controllers).The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.DShield provides a platform for users of firewalls to share intrusion information This list covers the basics of what you should block.It blocks known bad addresses and new highly suspicious addresses.Emerging Threats is a collection point for a number of security projects, mostly related to Intrusion Detection and network Traffic Analysis.
This is normal (the whole point of running a mirror). # install rbldns and set up a cron which runs as the "bl" user: # first daemontools from: (as root) mkdir /package chmod 1755 /package cd /package wget tar -xvzf daemontools-0.76gz cd admin/daemontools-0.76/ package/install package/run.rclocal # tail /etc/rc.local for startup command instead of rebooting. You will need to set up NS records pointing to YOURIPADDR for spamcopbl. To host a public mirror we require: If you are interested, please contact us with a brief description of your network and the server.
For this reason, we provide a more efficient option of running a mirrored server through transfer using rsync and ssh.
You have the option of the mirror server being public or private as described below.
If you want information on using the blocklist in the normal, casual way see the How do I configure my mailserver FAQ. Therefore, downloading the whole list (doing a "zone transfer") is not as effective at blocking spam unless it is done every minute.
Downloading it every minute would be very inefficient.