Blocking Malicious Sites at DNS level

I run my own DNS server and I use it for all my personal devices and a handful of virtual private servers. It is running Unbound[1] version 1.5.10.
At any rate, I have been considering allowing other people to use this service. The caveat is that I need to whitelist the IP address of whoever wants to use it: the server only accepts requests from clients listed in the ACL configuration, and those clients are allowed to make (recursive) queries. Queries from all other hosts are dropped.
I don't log anything and the only statistics kept are those generated by unbound-control. Those statistics are publicly available, here.
In order to combat spam, advertisements and other malicious junk I maintain a rather impressive repository which pulls data from four different sources. This blocklist is available for public consumption, here. This means I don't have to use any third-party software or plugins such as Adblock Plus[2] in order to get rid of spam; I simply use my own DNS server!
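
As an added illustration (not the author's own tooling or configuration), the sketch below merges blocklist feeds and renders the Unbound settings described above: a default-deny ACL with an allow entry per whitelisted client, plus a static local-zone for each blocked domain. The feed formats, sample domains and client addresses are constructed assumptions; the page does not show the real ones.

```python
import ipaddress
import re

# Constructed sample inputs; the real feeds and client addresses are not on the page.
SAMPLE_FEEDS = [
    "# hosts-style feed\n0.0.0.0 ads.example.com\n127.0.0.1 Tracker.Example.NET # inline\n127.0.0.1 localhost\n",
    "ads.example.com\ncdn.ads.example.com\nbad_host!.example\nmalware.example.org.\n",
]
SAMPLE_CLIENTS = ["192.0.2.10", "2001:db8::/48"]

LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")
SKIP = {"localhost", "localhost.localdomain", "broadcasthost"}

def parse_feed(text):
    """Yield normalized domains from hosts-format or one-domain-per-line text."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        name = fields[-1].lower().rstrip(".")
        labels = name.split(".")
        if name in SKIP or len(labels) < 2 or len(name) > 253 or labels[-1].isdigit():
            continue  # local names, bare IPs and oversized names are not blockable zones
        if all(LABEL.match(label) for label in labels):
            yield name

def merge_feeds(feeds):
    """Deduplicate and drop names already covered by a blocked parent zone."""
    names = {d for feed in feeds for d in parse_feed(feed)}
    def covered(name):
        parts = name.split(".")
        return any(".".join(parts[i:]) in names for i in range(1, len(parts)))
    return sorted(n for n in names if not covered(n))

def render_config(clients, domains):
    """Return the server: clause lines for the ACL and the blocklist."""
    lines = ["server:",
             "    access-control: 0.0.0.0/0 deny",   # deny = drop without answering
             "    access-control: ::0/0 deny"]
    for c in clients:
        net = ipaddress.ip_network(c, strict=True)  # ValueError on malformed or sloppy input
        lines.append(f"    access-control: {net} allow")
    lines += [f'    local-zone: "{d}." static' for d in domains]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(render_config(SAMPLE_CLIENTS, merge_feeds(SAMPLE_FEEDS)))
```

Unbound applies the most specific matching access-control netblock, so the per-client allow lines override the catch-all deny, and a static local-zone answers NXDOMAIN or NODATA for the blocked name and everything beneath it.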

If you would like to take advantage of my service you'll need to contact me and tell me which IP addresses you want whitelisted in the ACL configuration. The safest bet to reach me is via IRC. The details are available on this page.

That's all.


[1] Unbound is a validating, recursive, and caching DNS server software product distributed in open source form under the BSD license. You can learn more about this software at or get the source directly from my mirror:
I try to pull from the Unbound subversion repository at least twice per week or whenever I see that they have made a new commit.

[2] Adblock Plus is probably one of the most popular ad blockers available for practically every browser of note.

[3] I compile unbound with the following flags: ./configure --prefix="/home/unbound/unbound-compiled" --with-libevent --enable-fast-install --with-ssl