dealing with bogon spam ?

[jason at i6ix.com (Jason Bertoch)]

Justin Shore wrote:
> Michiel Klaver wrote:
>> I would suggest to report that netblock to SpamHaus to have it 
>> included at their DROP list, and also use that DROP list as extra 
>> filter in addition to your bogon filter setup at your border routers.
>>
>> The SpamHaus DROP (Don't Route Or Peer) list was specially designed 
>> for this kind of abuse of stolen 'hijacked' netblocks and netblocks 
>> controlled entirely by professional spammers.
>
> As a brief off-shoot of the original topic, has anyone scripted the 
> use of Spamhaus's DROP list in a RTBH, ACLs, null-routes, etc?  I'm 
> not asking if people think it's safe; that's up to the network wanting 
> to deploy it.  I'm wondering if anyone has any scripts for pulling 
> down the DROP list, parsing it into whatever you need (static routes 
> on a RTBH trigger router or ACLs on a border router and then deployed 
> the config change(s).  I don't want to reinvent the wheel is someone 
> else has already done this.
Downloading and parsing is easy.  I used to drop it into the config for 
a small dns server, rbldnsd I believe, that understands CIDR and used it 
as a local blacklist.  It did very little to stop spam and I was never 
brave enough to script an automatic update to BGP.