SecurityZones offers SURBL reputation data
The industry's most comprehensive and accurate list of bad domains!
- Updated every 1-2 minutes
- Accurate, effective list of 300,000 - 500,000 'current, active' bad domains.
- Used by Security Vendors, AntiSpam Solutions, Service Providers and Enterprise worldwide to improve their defenses against fast flux, bot generated, and malicious domains.
- Email Filtering
- Web Filtering
- Security Solutions
- DNS RPZ
SURBL is a major data source providing domain reputation that's used by the world's largest webmail providers, security vendors, ISPs large through small, universities, private companies, governments, and lots of other folks.
SURBL data are used to help evaluate web site reputation in commercial and open source mail filters, security appliances, and a wide range of mail and web applications and systems.
What is SURBL?
SURBLs are lists of web sites that have appeared in unsolicited messages. Unlike most blacklists, SURBLs are not lists of mail senders.
SURBL detects and defends against the effects of phishing and bot-nets. This is the specific area where SURBL is highly effective - at controlling the hard to detect phishing, malware, and bot-net domains.
Why use SURBL?
Web sites seen in unsolicited messages are often more stable than the rapidly changing bot-net IPs used to send the vast majority of them. Used together with sender blacklists, SURBLs have proven to be a highly-effective way to detect unsolicited messages.
How to use SURBL
A sender blacklist like zen.spamhaus.org is commonly used as a first-stage to detect about 80% to 90% of unsolicited messages at the MTA. After the MTA, a second-stage mail filter checks message body web sites against SURBLs. SURBLs enable the mail filter to detect more than 75%* of the remaining unsolicited messages. Together they can detect more than 95%* of unsolicited messages.
SURBLs should be used along with multiple, weighted factors to classify messages, as SpamAssassin does.
SURBL data are typically accessed using DNS queries. Small to medium-sized organizations may use the free public DNS servers, while large organizations of more than 1,000 users should retrieve the data by rsync and serve it from a local DNS mirror or other internal database. When used in combination with Spamhaus, SURBLs can detect more than 95% of unsolicited messages.
Security Data - Delivering a real time feed of 300,000 - 500,000 active Bad Domains:
SURBL data is used extensively in security applications including a wide variety of security applications which are enhanced with the SURBL real time threat intelligence. The SURBL data is delivered in near real time, updated every 1-2 minutes. Data provide includes 300,000 – 500,000 active bad domains. This data is highly accurate – SURBL obsesses on quality and has highly sophisticated processing and filtering engines which also includes manual review and white-listing… to ensure a highly effective and highly accurate list.
DNS RPZ – Taking back DNS:
SURBL delivers the first ready for production RPZ source. RPZ can help end Organizations or ISP's in setting a policy on the network layer. If you cannot resolve a malware site in DNS you can't get infected visiting it. This can bring filtering to a whole new level. Who decides what gets inside a RPZ zone? Who do you trust to deliver the data source? Do you trust them today on another level? ...
SURBL RPZ OVERVIEW
What is SURBL RPZ?
SURBL RPZ is a version of SURBL's high-quality anti-spam, anti-phishing and anti-malware data in the form of a DNS Response Policy Zone (DNS RPZ). DNS RPZs are used to deny or modify the resolution of low-reputation domains, in other words, to deny DNS services for known-bad domains. SURBL is the world's first provider of RPZ data.
Why use SURBL RPZ?
SURBL RPZ data are typically used to protect users from visiting objectionable or dangerous spam, phishing or malware web sites. Doing so can prevent identity theft, phishing attacks, malware infection, loss of revenue due to visiting objectionable spam sites, and more. This is made possible by SURBL's highly-regarded, multi-sourced, real-time intelligence about such domains.
How to use SURBL RPZ
SURBL RPZ is available via DNS zone transfer using recent versions of BIND 9. Local SURBL RPZ queries are answered by your local BIND recursive nameserver where they can be used to deny resolution (NXDOMAIN is the default behavior) or to send traffic to a local walled garden for example, instead of allowing the successful resolution known-bad domains. Other RPZ-supported behaviors are available by modifying the response values as needed in your operational environment.
SURBL RPZ data are available by private incremental zone transfer.
SURBL website - www.surbl.org