O.T. milter-link - reject phishing & spam
Ken A
ka at pacific.net
Thu Jun 29 01:02:31 IST 2006
Ken A wrote:
>
>
> Steve Freegard wrote:
>> Hi Ken,
>>
>> Ken A wrote:
>>> Is the URIBL in your graph just a generic term here, or are you using
>>> milter-link with URIBL rather than SURBL, or both? I was just testing
>>> using SURBL, but might drop a couple more in and see how it goes...
>>
>> It's a generic term -- I use all three URI lists (in the following
>> order):
>>
>> sbl-xbl.spamhaus.org
>> multi.surbl.org
>> black.uribl.com
>>
>> The spamhaus test is slightly different from the other two lists -- it
>> lists the IP addresses of spamvertised web servers and seems to work
>> the best of all three lists.
>
> Seems like that could be risky when considering a shared hosting
> environment, where there are hundreds of sites on a single IP. Wouldn't
> you be punishing them all?
for example..
# host humboldt.edu
humboldt.edu has address 137.150.145.17
# host 17.145.150.137.sbl-xbl.spamhaus.org
17.145.150.137.sbl-xbl.spamhaus.org has address 127.0.0.4
That's Humboldt State University in Northern California.
I wonder if they host student sites, or have an open relay script..
:-(
Another one..
#host alumni.net
alumni.net has address 66.240.255.123
# host 123.255.240.66.sbl-xbl.spamhaus.org
123.255.240.66.sbl-xbl.spamhaus.org has address 127.0.0.4
This is a alumni networking site claiming 4 million members..
They aren't on any other lists, probably another site on the same ip is
being exploited to send spam. I think maybe just the sbl might be safer,
at least for an ISP environment.
Thanks,
Ken A.
Pacific.Net
> Thanks,
> Ken A.
> Pacific.Net
>
>> Kind regards,
>> Steve.
>>
More information about the MailScanner
mailing list