Page MenuHomeMy privacy DNS

RPZ List
Updated 266 Days AgoPublic

This list contains our public facing Response Policy Zone

Here you can see our RPZ driven Response Policy Zones to be used in your DNS Firewall or by simply switch your DNS Client setting to point to our Firewall DNS server.

This is the RPZ Firewall zone which hosts all our Adult Contents and Porno related domains that have been reported. You can also find reported Adult Contents at[]=NSFW%20Adult%20Material and GitHub.

You will find the issue template for this zone in /maniphest/task/edit/form/2/.

This zone is not our primary concern and as a result the default weight for maintaining this zone is therefore limited.

AdWare is among the worst sinners when it comes to tracking you around the internet.
This is also the new zone that should used along side whit the Response Policy Zone for optimal protection.

What is Cryptojacking?

Cryptojacking is defined as the unauthorized use of your computer to mine crypto currencies.
In short, a program is installed or temporarily executed in your browser that secretly extracts crypto currencies.
JavaScript on websites is also used to mine the crypto currencies.
In a cryptojacking attack, the crypto currency mining code is transferred to the user's system without permission.
Mining is then the computer process that is executed to create coins.
The CoinBlockerLists are an open source project by to secure networks against cryptojacking attacks.
The project is primarily designed for companies, universities and other networks to provide better network protection.

You can follow the project at CoinBlocker

This zone is an import of the anti phishing Blacklists. If you find any records, that you might have any questions to regarding this zone, please see current contact details at there project web site

ChongLuaDao Are also they first project that have adapted the new Blacklist sharing format by @Somebodyisnobody. You can read more about that in T3677.

This zone is mainly targeting domains hosted in Vietnam and covers the following categories:

As the name suggest, this RPZ zone contain our handcrafted list of domains used for money gambling.
We are currently in the initial face of starting up co-operate with different governmental and NGO (Interest Organizations) such as and
DISCLAIMER: It is important to notice this is the initial face, which could be read as we have the thought on this, the mail and backend is yet not ready to handle this.

The RPZ dns firewall records to be used for blocking Malware See more at Malicious

See Phishing for details, and you can follow the process here Phishing

The zone is hosting all records from the sharked domains. The purpose with this category is to prevent users from visiting hijacked domains owned by domain pirates.

The zone includes both the domain pirates and the pirated domains.

A domain pirate is often a company who believe they can generate money on stealing domains from people or minor projects who have forgotten or even worth, shortly been out of money, to renew there domain, for then to bee meet by a claim in the 1000's of bucks to get there domain released.
The other shitty thing about these internet pirates, is they are holding domains that ordinary should be released back into the public for anyone to use.
In short, these pirates is acting against the founding father idea of a free and open internet for spreeding knowledge across the borders to the people by the people in a free and DEMOCRATIC fashion.

This DNS Firewall zone was released 30. April 2020.

This new DNS RPZ Firewall zone is all about blocking domains used for redirecting and often in relation with url shotening for tracking your activities.

An example of this could be the more well know as and which was used for tracking 2.1 billion user activities back in 2009.

The primary zone-file is hosted in the

This RPZ zone contains a mix of the following records from rMATRIX except from bait sites, porno sites and SafeSearch.

Since the release of new zones in our Response policy zones (RPZ) driven DNS Firewall, there will be fewer submissions to this RPZ zone.

We are slowly but steady mowing zones from this master zone and into the sub categorized DNS Firewall zone as described below. However, some might stay in this master zone to reduce the number of overlapping and dublets, as some records simply are to broadly mapped in to many categories.

The zone is intended to enable SafeSearch in your browser by default by redirecting the ordinary DNS response into a predefined IP-address by search providers like or for on the tor-network .onion

These records is placed outside the default source folder in safesearch/.

This zone is hosting spam and scam domains.
The simple reason for this is they are so closely combined and about 95% of al domains would be listed in each Response Policy Zone if we divided these as separated DNS Firewalls RPZ

The RPZ dns firewall records to be used for blocking Spyware See more at #spyware

A very tight Strict Adult contents blocking filter, where domains like imgur will be blocked saw the light of the day at 1 of May 2020, this zone is set up to serve our data from tracking source list.

The records in this zone is added to cover the Trackware and those who offer these shameless resources.

The Typo Squatting zone is purely based on source/typosquatting/

This list have it's very own life, as this is a very very tricky one to maintain.

The reason for that is, it have to balance between what is going on with a domain that for several reasons might be blacklisted on some lists but not on others. It can also be that a domain in general do 99,9% right, but because of it's nature of user based submissions, could do a lot of evil.


Gitlab is 100% user submitted contents, but for the same reason also a widely target from bad guys to host there evil code. For that rightfully reason Gitlab often pop ups on list for malicious code. But as that would have huge influence on our workflow, it's of curse to be whitelisted.

However you are more than welcome to use it :)

Obtain DNS Firewall zones

To obtain a valid copy of our DNS zones you can use several tools. We will here introduce you into the best and most stable ways to do this in preferred order.

DNS Resolver

The best and most modern way to run a DNS Firewall is by using a good and up to date DNSResolver and have that to automatically fetch our RPZ zones, when the SOA record changes.

The best and most modern DNS-resolvers to use RPZ zones is PowerDNS-Recursor and Bind 9

Next to these two very powerful DNS resolvers which fully support the use of Response Policy Zones we can recommend Unbound for which we do maintain ready to use zone files in our Unbound Zone files project.
It is worth mentioning that Unbound do work on supporting RPZ-Firewall, but it seems to have a very low priority. See this PullRequest at GH

Hosts files

We don't do much in this severely outdated method of blocking, as it is resources extensive, and it is adding heavy I/O loads to any systems using these.

Microsoft Windows often even fails completely to even start the network as the files are getting to big with to many records.
We have therefore decided to nearly completely dish all hosts files, but a few of them, is being kept alive do to the importance of the records in them.

Response Policy Zones


You need to switch the standard DNS port 53 to 5303
Please use DNS name

dig and drill examples

To get the latest with dig or drill you simply do:

For IPv4

drill axfr -p 5303

The reason we are use drill in our examples is do to the limitation in dig an IDNA formatted domains, which isn't a issue within a standard compiled drill.

Last Author
Last Edited
Apr 27 2021, 4:30 PM

Event Timeline

Spirillen edited the content of this document. (Show Details)
Spirillen published a new version of this document.May 1 2020, 1:24 PM
Spirillen added projects: Restricted Project, Malicious.