The TechTheft Bogon Blacklist is an automatic blocklist that contains bogon IP ranges, which are IP addresses that are unallocated or reserved by IANA and should never appear in public internet traffic.
The TechTheft Bogon Blacklist is a semi-automatic, IP-based blacklist that contains network ranges that should never appear in public internet traffic. A 'bogon' is a term for an IP packet on the public internet that claims to be from an area of the IP address space that is not allocated or is reserved for special use. The policy for this blocklist is to add these ranges automatically based on data from IANA registries, BGP registries, and standard internet RFC documents.
The content of this blacklist (or blocklist) includes:
Technically, the zone for this blacklist is bogon.bl.techtheft.info. The intended use is to block or firewall any traffic from these IP addresses on sight. According to TechTheft, access to use this list is private and available only to subscribers by invitation.
The TechTheft Bogon Blacklist is operated by the organization TechTheft. The group's core mission is to combat what it calls "Hi-Technology Theft", which includes spam, viral attacks, DDoS attacks, and IP hijacking. They view this as a war against technology abuse and have created a collaboration point for administrators and security enthusiasts to fight back.
TechTheft's philosophy is aggressive. They advocate for an "Internet Death Penalty" against all sources and supporters of abuse. They believe it is no longer sufficient to just filter or delete malicious traffic; it must be prevented at the source. This involves validating client registrations and blocking all attack attempts at the very start of a connection.
Removal from the TechTheft Bogon Blacklist is automatic only. Some IP addresses, by their very nature (such as those permanently reserved for private use), will never be removed. Because this blocklist contains IP addresses that should not be routing on the public internet, a listing is indicative of a serious network misconfiguration.
There is no manual delisting process or removal form for the bogon list. The issue must be corrected at the source. Once your network configuration is fixed and the bogon IP address is no longer being advertised publicly, the listing will be removed automatically over time.
For TechTheft's other, more general blacklists, the removal process is based on resolving complaints. If you believe you are listed on another one of their blocklists, you should:
The direct impact of being listed on the TechTheft Bogon Blacklist is considered low, primarily because TechTheft states that its lists are private and used internally by subscribers. However, the indirect impact is extremely high.
Being listed on any bogon blocklist means your system is using an IP address that is not valid for public internet traffic. Any network administrator following standard security practices will block traffic from such addresses. This means that not only will your emails be blocked, but all traffic from that IP is likely to be firewalled, preventing any communication. The root cause, a misconfigured network, is a critical issue that will cause widespread connectivity and deliverability problems far beyond this single blacklist.
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
Organization
Zone
Type
Impact
Delisting
19 resources
Do blacklists exist for newly registered domain names?
Should I use blacklist or blocklist in email marketing?
What are examples of insignificant or ineffective email blocklists?
What is the distinction between Abusix 'black' and 'black_css' abuse lists?
Where can I find comprehensive lists of known disposable email domains to block?
Why is a Google IP address blocklisted by Spamhaus?