DBL "Malware" contains more than "Malware"

The Malware list does not match the definition you give “Blocks domains known to distribute malicious software”, its blocks far more then that.

If you are going to have categories, then the domains in each category should be from list for those categories.

The “Malware” DBL list is integrating entries from list that include simply “Tracking”.

”Tracking” is far from “Malware” is should NOT be included in the same list, It would probably be better suited to “Advertising” if anything, or probably should just be its own category, but either way, it is not “Malware”

The ShadowWhisperer Tracking list is one.

This list is also including the SinkingYachts Phishing list, PhishDestroy, which should be included in a category you already have, “Phishing”

You also have Matomo Referrer Spam List, again not “Malware”

You have two LanikSJ list, 1 is ADs, again not malware.

KADomeny list, its is a complete mix of all sorts of different stuff, so really shouldn’t be used in any of your current categories.

DurableNapkin list, Scams, not Malware.

CyberHost[.]uk List, its a combined Malware and Phishing Blocklist, so again, not appropriate for either one on its own.

(Unofficial) Emerging Threats, again its a mixed list including including phishing.

Please detail how you determined the alternate categories. I am curious.

On each IPfire DB Category page, you can see all the lists that are included for sources of that list and if you click on those lists, either the list has a header giving you information about that list such as what it contains, where its sources are and things of that nature, or you can also glean some information from the URL, or you can just go to the GitHub or original source of those lists or wherever and find out what those specific lists contain.

It’s really kind of interesting that all of these lists made it into Malware without even basic research of what these list contain, or if the research was done, why the decision was made that they should be included in malware, especially for the phishing ones which literally has a category already.

Hello Brandon,

thank you for your feedback.

The reason why there is such hard overlap is that we did initially did not plan to have a separate category for Phishing. Simply because we need some good sources and many of them were throwing a lot of stuff into the same bucket.

I changed my mind and not everything has been fully updated, yet. In practice this would not have been a big problem because most people will probably still block both, Malware & Phishing.

It is very unlikely that we will always have a very precise distinguishing between all the categories. That would be very desirable, but probably not practical.

I have updated the list and implemented most of your changes.

For the future, I would appreciate if you joined our DBL mailing list and share your thoughts there as this support forum is not the right place.