diff --git a/include/libtorrent/session_settings.hpp b/include/libtorrent/session_settings.hpp
index 6dca747ad..f7a864b12 100644
--- a/include/libtorrent/session_settings.hpp
+++ b/include/libtorrent/session_settings.hpp
@@ -1411,6 +1411,7 @@ namespace libtorrent
 			, aggressive_lookups(true)
 			, privacy_lookups(false)
 			, enforce_node_id(false)
+			, ignore_dark_internet(true)
 		{}
 		
 		// the maximum number of peers to send in a
@@ -1485,6 +1486,10 @@ namespace libtorrent
 		// IP are ignored. When a query arrives from such node, an error message is returned
 		// with a message saying "invalid node ID".
 		bool enforce_node_id;
+
+		// ignore DHT messages from parts of the internet we wouldn't expect
+		// to see any traffic from
+		bool ignore_dark_internet;
 	};
 
 
diff --git a/src/kademlia/dht_tracker.cpp b/src/kademlia/dht_tracker.cpp
index c71d47e5c..9bf3a36b5 100644
--- a/src/kademlia/dht_tracker.cpp
+++ b/src/kademlia/dht_tracker.cpp
@@ -450,6 +450,20 @@ namespace libtorrent { namespace dht
 
 		// account for IP and UDP overhead
 		m_received_bytes += size + (ep.address().is_v6() ? 48 : 28);
+	
+		if (m_settings.ignore_dark_internet && ep.address().is_v4())
+		{
+			address_v4::bytes_type b = ep.address().to_v4().to_bytes();
+
+			// these are class A networks not available to the public
+			// if we receive messages from here, that seems suspicious
+			boost::uint8_t class_a[] = { 3, 6, 7, 9, 11, 19, 21, 22, 25
+				, 26, 28, 29, 30, 33, 34, 45, 48, 51, 52, 56, 102, 104 };
+
+			int num = sizeof(class_a)/sizeof(class_a[0]);
+			if (std::find(class_a, class_a + num, b[0]) != class_a + num)
+				return true;
+		}
 
 		node_ban_entry* match = 0;
 		node_ban_entry* min = m_ban_nodes;