I'm reposting this here, having already posted it to the SRX forum, but a suggestion was that it may be useful here too.
I wrote a process for integrating certain dynamic blacklists with JunOS. I thought it might be useful to someone other than me. It uses SpamHaus DROP/EDROP, Team-Cymru Bogons, DShield Recommended and Emerging Threats RBN lists.
Sorry for the delay, I haven't checked in in a while.
I have run into one or two false positives where a destination IP is within a subnet blocked by one of the lists. I've gotten around it by adding a 'whitelists' term and maintaining a 'whitelists.txt' file on the same Linux host which runs the cron script. I don't white lists whole subnets as a rule, only single IP's.
The filter covers any protocol.
I updated the blog article recently so the filter now shows what is matching on a per-term basis (each blocklists gets a term to itself). This makes it easier to see where things are matching, for example -