discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
- From: Jamyn Shanley <jshanley AT gmail.com>
- To: discuss AT lists.opennicproject.org
- Subject: Re: [opennic-discuss] [SHAME] Spam Rats
- Date: Thu, 10 Jan 2013 13:00:34 -0600
I actually think there would be some benefit to running an ossec client on the T2 nodes that reports abusive behavior to a controller, so we could block abusive traffic preemptively on the other nodes. That way if they abuse node 1, node 2 already has a dynamic filter in place when they switch nodes after they're ratelimited.
It would not be too hard to parse spammer IPs from the reliable RBLs and share them across the network, but I don't know if there's any interest/demand.
On Thu, Jan 10, 2013 at 11:46 AM, Jeff Taylor <shdwdrgn AT sourpuss.net> wrote:
I've been using sbl-xbl.spamhaus.org and zombie.dnsbl.sorbs.net for the last couple years with good success, although checking my logs just now it appears the sorbs list has not actually had any hits recently...
I've been wondering if there's a way to correlate the abusive traffic we see on the T2 servers with spammers, but I've never taken the time to really do any digging.
On 01/10/2013 08:23 AM, Jamyn Shanley wrote:
Yep, this sounds like the same business model the old SORBS list had.
They would block entire ranges they considered dynamic (they'd get that wrong half the time), and then only de-list you if you gave them a non-negotiable minimum "donation". SORBS was eventually bought out, and they may be legitimate now - but back then they were the most illogical and childish list administrators out there.
I'll agree, Spamhaus is pretty good. They have automated delisting processes and their listing criteria is clear and consistent. I've been really happy with their Zen list.
On Thu, Jan 10, 2013 at 4:17 AM, Simon <simon AT hacknix.net> wrote:
On 01/10/13 03:16, Julian DeMarchi wrote:This sounds like they're just after some fast cash by blacklisting loads
> This is the first RBL I have seen list a /24 for lack of PTRs. Not for
> sending spam, but just PTRs alone. How do you explain this to your
> customer?
of ranges and then charging for them to be de-listed. The only RBL I
have ever felt happy using is Spamhaus.
Simon
--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org
- [opennic-discuss] [SHAME] Spam Rats, Julian DeMarchi, 01/09/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Simon, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Jamyn Shanley, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Jeff Taylor, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Jamyn Shanley, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Simon, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Julian DeMarchi, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Jeff Taylor, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Simon, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Jamyn Shanley, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Jeff Taylor, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Jamyn Shanley, 01/10/2013
- Re: [opennic-discuss] [SHAME] Spam Rats, Simon, 01/10/2013
Archive powered by MHonArc 2.6.19.