New Spamhaus List IDs Botnet IPs

In June, Spamhaus announced an important new list to fight botnets: the BGPCC, and the corresponding BGP feed. The BGPCC isn’t a traditional DNSBL; it’s a routing table of IP addresses that Spamhaus believes provide command and control (C&C) functions for botnets, as well as IPs listed in the Spamhaus DROP (Do Not Route or Peer) list. ISPs, NSPs and backbone internet providers can use this table in their routers so that these IPs are blocked at the borders of their networks. This will very effectively prevent botnet operators from communicating with infected machines, and the table can also be used to prevent users from connecting to sites serving malware or involved in criminal activity (for example, the payment processors used by the Adober gang). It’s all about preventing access to the machines that make cybercrime possible.

It’s unlikely that BGPCC listings will affect legitimate senders. BGPCC is targeted very specifically at the baddest of bad actors on the internet and I expect there will be very, very little collateral damage.

