Spamhaus’s RPZ feeds contain hundreds of thousands of suspect domains, and the data is updated automatically by broadcasting only changes to the list rather than the full list. That means it takes less than a second for updates to propagate, effectively blocking cyber threats in near real time.
What RPZ Feeds Are Available?
- DBL Data: This includes individual zone categories, including phishing, malware, botnet, and spam/abuse. These threat feeds are the industry’s highest quality RPZ.
- Phishing sites (PH): Cybercriminals use phishing to steal consumers’ personal identity data as well as financial account credentials. The PH data zone includes phishing data from multiple sources, which are vetted and filtered to provide an accurate, effective list of current, active phishing domains.
- Malware sites (MH): Malware is short for malicious software, which is used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. The MW data zone collects data from numerous sources and includes highly dangerous domains which should not be accessed. Some cracked hosts are also included in MW since many cracked sites also have malware.
- Detailed Granular Zones: See below for list of zones available
Granular Data Sets / RPZ Zones available: Spamhaus produces many granular zones, below. This provides more insight as to the type of abuse, and your RPZ feeds are customized to match your risk profile:
|Bad Reputation Hosts|
|Bad Nameserver IPs|
|Bad Nameserver Hosts|
|Domain generated algorithm|
|Coinblocker Tor Exit Nodes|
|Zero Reputation Domains|