[179978] in North American Network Operators' Group
Re: Spamhaus BGP feed experiences?
daemon@ATHENA.MIT.EDU (Frederik Kriewitz)
Tue May 19 06:48:52 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <CAFFgAjDhUpkTx25Ox4kB+NzNA0BgUABE_w8MyYjPXmbzzHqdgg@mail.gmail.com>
From: Frederik Kriewitz <frederik@kriewitz.eu>
Date: Tue, 19 May 2015 12:48:28 +0200
To: Mike Lyon <mike.lyon@gmail.com>
Reply-To: frederik@kriewitz.eu
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Sun, May 17, 2015 at 7:50 AM, Mike Lyon <mike.lyon@gmail.com> wrote:
> Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
> prevent against botnet, spam, etc? If so, how has your experience been? Is
> it worthwhile? Has it helped? On / off list responses are appreciated in
> advance.
We've been using the BGP feed for a little over a year now.
We had some problems with malware infected end user PCs causing
upstream congestion resulting in "slow internet" complains.
The spamhouse feed definitely helped a little with our problem but
it's not the magic super tool to completely stop malware in your
network.
On the other hand there was no complain due to a false positive (a
couple of years ago we had one complain due to a false positive on the
EDROP list).
Best Regards,
Frederik Kriewitz
