| Perhaps close to what you want. https://abuseipdb.com/ At the bottom of this link, you can get a list of bad actor IPs. However the site discourages using the list, bit prefers you use their API. I report the worse of the worse to the site, though I don't bother using the database, mostly because I suspect it would have many false positives. For example, suppose a Comcast customer was spamming. Would you really block a major ISP? To use the list, you would really have to investigate each IP to decide if it makes sense to block them permanently. That sounds like a lot of work. If you use the API, that seems like just another RBL. The only advantage here is the bad behavior is categorized, and I assume you could check IPs known to hack websites and block them. When I run my own IP through the MX toolbox blacklist, it reports checking with over 90 services. I suppose you could see if any of those services provides a list. I check my logs for password guessers, getting a few a day. As a fools errand, I look at the IP and decide if I want to block the server from imap, pop, or submission. That is, am I likely to ever use that server. Not to disparage the third world, but I will block them as I am unlikely to visit their country. And of course any commercial server is fair game. All that said, I'm always open to good suggestions to improve security.
This may have been raised before: we received quite a few malicious emails (containing malicious attachments) & on tracing the senders' IP (from the 'Internet Headers' of the received mails) & key into one of the services below, noted they are malicious & then we manually block them but by then a couple hundreds of these emails would have landed in users' mailboxes, some of it have been opened by users (despite our top-end commercial security product): Question: is there any way I can obtain from the above services the full lists esp those still detected as active the last 1 year for me to input into our commercial product to block them? If not, what will be a better solution ? Roger | ||
- How to obtain blacklists IP lists Roger Goh
- Re: How to obtain blacklists IP lists John Fawcett
- Re: How to obtain blacklists IP lists lists
- Re: How to obtain blacklists IP lists Roger Goh
