LIST · BLOCKLIST

Community blocklist (seed)

IPv4 + IPv6 ranges that should not be routing legitimate traffic, seeded from Spamhaus DROP / EDROP / DROPv6. Spamhaus tracks ranges hijacked by criminal organisations and known bulletproof-hosting allocations. **Credit: Spamhaus Project — https://www.spamhaus.org/drop/.** Refreshed hourly. Community submissions extend it via /submit; pending entries land in the mod queue.

Subscription URL

https://mikrotikfilters.com/api/lists/community-blocklist.rsc

Paste this URL into a RouterOS /tool fetch on a daily schedule. The header toggle picks v6 vs v7 syntax — the extension flips between .rsc and .v6.rsc in place; the .json and .txt formats below are version-neutral.

Last built Entries

Paste-and-go.

Three RouterOS commands: fetch the list, import it, schedule a daily refresh. Run them in a terminal, Webfig, or Winbox. The header toggle picks which RouterOS syntax flavour the snippet below targets — same shell, different embedded URL. For production, verify integrity from a workstation first (snippet below); the deeper-dive Integrity section covers the CI-pinning shape.

Step 0 (recommended) · Verify integrity from a workstation

# Workstation-side verify (Linux / macOS / WSL).
# RouterOS has no native sha256; check off-router before deploy.
curl -sSO https://mikrotikfilters.com/api/lists/community-blocklist.rsc
curl -sSO https://mikrotikfilters.com/api/lists/community-blocklist.rsc.sha256
sha256sum -c community-blocklist.rsc.sha256
# → community-blocklist.rsc: OK
mtkf-community-blocklist-quickstart.rsc v7 12 lines · 548 bytes
# subscribe to mtkf-community-blocklist
/tool fetch mode=https \
  url="https://mikrotikfilters.com/api/lists/community-blocklist.rsc" \
  dst-path=mtkf-community-blocklist.rsc
/import file-name=mtkf-community-blocklist.rsc

# schedule daily refresh — set-and-forget
/system scheduler add name=mtkf-community-blocklist-refresh interval=1d \
  on-event=":do { \
    /tool fetch mode=https url=\"https://mikrotikfilters.com/api/lists/community-blocklist.rsc\" dst-path=mtkf-community-blocklist.rsc; \
    /import mtkf-community-blocklist.rsc \
  }"
mtkf-community-blocklist-quickstart.rsc v6 12 lines · 554 bytes
# subscribe to mtkf-community-blocklist
/tool fetch mode=https \
  url="https://mikrotikfilters.com/api/lists/community-blocklist.v6.rsc" \
  dst-path=mtkf-community-blocklist.rsc
/import file-name=mtkf-community-blocklist.rsc

# schedule daily refresh — set-and-forget
/system scheduler add name=mtkf-community-blocklist-refresh interval=1d \
  on-event=":do { \
    /tool fetch mode=https url=\"https://mikrotikfilters.com/api/lists/community-blocklist.v6.rsc\" dst-path=mtkf-community-blocklist.rsc; \
    /import mtkf-community-blocklist.rsc \
  }"

Rate-limit note — anonymous fetches are capped at 2 pulls per IP per day across all lists combined (PLAN §3.4) — enough to preview a list or two, not to subscribe a router. Sign in for 10/day per account, or become a supporter for 200/day + the bundle builder (one URL containing many lists).

Other formats.

Same content, five outputs: .rsc (v7-syntax, the default) flips to .v6.rsc when the header toggle is on v6, plus .json, .txt, and an .rss feed of the newest entries — all version-neutral. Each link opens in a new tab.

RouterOS RouterOS v6 JSON Plain text CSV RSS
Category
blocklist
Default action
drop
RouterOS compat
v6 + v7
Address-list name
mtkf-community-blocklist

Verify the body matches.

Every format has a sibling .sha256 URL that serves a one-line coreutils manifest. Pin it in CI / Ansible / a wrapper script to fail loudly if the upstream body changes unexpectedly. RouterOS itself has no native sha256sum, so verification belongs on the workstation that pushes the body to the router — not on the router itself.

sha256 manifest URL

https://mikrotikfilters.com/api/lists/community-blocklist.rsc.sha256

The header toggle flips this URL between .rsc.sha256 (v7-syntax body) and .v6.rsc.sha256 (v6-syntax body) — pair the manifest with the body of the same flavour.

Manifests for every format
  • https://mikrotikfilters.com/api/lists/community-blocklist.rsc.sha256
  • https://mikrotikfilters.com/api/lists/community-blocklist.v6.rsc.sha256
  • https://mikrotikfilters.com/api/lists/community-blocklist.v7.rsc.sha256
  • https://mikrotikfilters.com/api/lists/community-blocklist.json.sha256
  • https://mikrotikfilters.com/api/lists/community-blocklist.txt.sha256

Verify on a workstation:

# On your workstation (Linux / macOS / WSL — RouterOS has no
# native sha256sum; verify off-router, then deploy the verified
# body to your router via your usual flow).
curl -sSO https://mikrotikfilters.com/api/lists/community-blocklist.rsc
curl -sSO https://mikrotikfilters.com/api/lists/community-blocklist.rsc.sha256
sha256sum -c community-blocklist.rsc.sha256
# → community-blocklist.rsc: OK

# Pin in CI: exit non-zero if the upstream body changed without
# you bumping the expected digest.
sha256sum --status -c community-blocklist.rsc.sha256 \
  && echo "verified, safe to /import" \
  || echo "DIGEST MISMATCH — refuse to deploy"

Heads-up — the digest covers the rendered body including the self-identifying header (generated_at, entries, etc.). That timestamp advances on every request, so two consecutive pulls of the same list produce different digests by design. Fetch the body and manifest as a pair (within seconds) for the check to succeed — the manifest is a point-in-time integrity pin, not a long-lived content hash.

What's in the list.

The first 100 approved entries, alphabetised by address. Filter by address, comment, or source — the filter scans the full list, not just the rendered page, and re-renders the table with every match (capped at 10k entries for very large lists). For a bulk export, use one of the format downloads above — the same data, paginated only by download size.

Live data loading…
Address Fam. Tag Source Added Comment

Where the entries came from.

Each list aggregates one or more upstream sources. We mirror raw upstream input on every successful fetch so the list keeps working if a source goes offline.

  • Loading source attribution…