Bogons Block List

Summary

Background

bogons.cymru.com is several things, one of which is a DNS based blacklist. Before you can use bogons.cymru.com as a DNS blacklist, it is important to understand what a “bogon” actually is. A bogon is in internet address prefix that should never appear in an IP address routing table. For example, there are public IP addresses, those that we all use to access email, dns, http, and other services on the internet publicly, and there are private IP addresses. While private IP addresses can also support the exact same services and qualities of public IP addresses, they are not reachable from a public IP address.

These specific ranges of IP addresses are defined in RFC 1918 and RFC 5735.

Most people are familiar with bogon prefixes, as any DNS blacklist will generally be returning an IP address that is in fact a bogon prefix, such as 127.0.0.2. Of course there are also ranges that are commonly reserved for home networks, like the very common 192.168.1.x range. In addition to these common ranges of private IP addresses, there are also many currently unallocated IP addresses left in the IPv4 space. These addresses have not been distributed from the Internet Assigned Numbers Authority (IANA), and in turn, have not been released to a Regional Internet Registry (RIR). These “not in use” IP addresses are also contained in the bogons list.

While the bogons list does not change as fast as a normal DNS blacklist, it does change, making it important for you to have some method by which you request update of the bogons list from bogons.cymru.com.

If you are going to deploy bogons.cymru.com on an SMTP server through DNS, then the update process will work automatically, like any other DNS blacklist. However, the bogons.cymru.com list is not exclusively a DNS blacklist, and is also used at border/edge routers, BGP peering nodes, and even http servers. These other systems will need some way to poll the bogons list and make sure it is up to date.

Listing criteria

bogons.cymru.com has no listing criteria. The address space listed in bogons.cymru.com is well known, either being RFC defined private IP address space, or unused and unallocated IP address space.

Zones

bogons.cymru.com

The traditional IPv4 bogon prefixes; reserved prefixes plus those /8 networks not allocated to an RIR by IANA.

v4.fullbogons.cymru.com

IPv4 “fullbogons”, encompassing the traditional IPv4 bogon prefixes from bogons.cymru.com as well as prefixes that have been allocated to RIRs but not yet assigned by those RIRs to ISPs and end users.

v6.fullbogons.cymru.com

IPv6 “fullbogons”, all IPv6 prefixes that have not been allocated to RIRs and that have not been assigned by RIRs to ISPs, and end users.

Removal Process

Removal from the bogons list will happen when the currently not in use IPv4 or IPv6 address space becomes allocated by IANA and is assigned to a RIR which in turn will allocate that IP space to an ISP or end user.

Related Articles

• General blacklist removal instructions
• Check to see if an IP is blacklisted
• How do I report spam?
• What is a DNSBL (blacklist)?
• Ask for help to diagnose and resolve listing issues