Accuracy First, Always
We prioritise high-confidence, well-verified data over raw volume. Every listed domain must meet clear criteria, be reviewed continuously, and be removed quickly when it no longer poses a threat. The goal is trustworthy blocking with minimal false positives, suitable for production networks.
Privacy-Respecting Operation
The service is operated without tracking users or collecting resolver telemetry. DNS security should improve safety without introducing new privacy risks.
Built on DNS Standards and Best Practices
These blocklists are developed with a deep understanding of DNS infrastructure. They integrate naturally with technologies like Response Policy Zones (RPZ), follow established standards, and are operated with stability and long-term reliability in mind — even at scale.
Open, Inclusive, and Free Software
The IPFire DNS blocklists are built as a public good: open, transparent, and free to use. They are available to anyone, regardless of platform or vendor, and developed in the open so the wider community can inspect, contribute, and benefit.