MailScanner Website

Joolee mailscanner at joolee.nl
Mon Aug 25 12:20:58 IST 2014


If the data source is phishtank,the URL Blacklist service at
http://www.surbl.org/lists#ph also uses phishtank as one of the sources.


On 24 August 2014 15:30, Jerry Benton <jerry.benton at mailborder.com> wrote:

> Nick,
>
> You have presented what you see as a problem, yet have not presented a
> solution. If you have a better way to do it, write it and send it to me or
> this list and I will be happy to implement it. If you think it is overkill
> to blacklist an entire domain, again, provide an alternate solution and if
> it makes sense and is sustainable I will be happy to implement it.
>
> The current build uses domains instead of URLs because the list from the
> current source at phishtank.com, which uses URLs, was somewhere around
> 30,000 items the last time I checked. That is way too big for a config
> file. Therefore, the current build script scrubs those and gets it under
> 1,000 items. This is done by evaluating all of the URLs and pulling the
> domains from them. This is not like blacklisting a /16 CIDR. There is
> (should be) a hell of a lot more control of what content gets posted on a
> domain’s website. If there is malicious content anywhere on a website, the
> whole thing should be blacklisted until they fix it. This isn’t mystifying.
> Google does the same thing with its search results.
>
>
> Requirements for a new solution:
>
> - A source for the bad sites. www.phishtank.com is currently used. It is
> actively maintained. If you know of a better resource, feel free to let me
> know.
> - A new cron to replace the current version. I am aware it is very basic
> and needs to be updated. What we need is either a cron that will read a
> custom section of phishing.bad.sites.conf or we can add an additional file
> called something like phishing.bad.sites.custom.conf that can be read and
> merged with phishing.bad.sites.conf during the build.
> - The same thing for phishing.safe.sites.conf
> - A source for the safe sites if you think the current source is a bad
> one.
> - The same cron logic as stated above for the bad sites.
>
>
> So what would be the most helpful thing at the moment would be a cron that
> addresses the above issue regarding custom entries. It would need to
> evaluate your “safe” entries and remove it from the dynamic “bad” entries
> if present. It would then need to append the custom “safe” entries to
> phishing.safe.sites.conf.
>
>
> -
> Jerry Benton
> www.mailborder.com
>
> On Aug 24, 2014, at 12:07 AM, Nick Edwards <nick.z.edwards at gmail.com>
> wrote:
>
> Would it not be better to first fix the
> http://phishing.mailborder.com/phishing.bad.sites.conf
> file?
>
> I find it a bit ridiculous that you list URI shortners, like t.co and
> others (yet strangely not fb.me)
> its for that reason we dont and wont as an ISP, use your list. other
> mailscanner users in my group were also mystified why, and wont use it
> now.
>
> It's kind of like the old spews, list a /16 because of one or two
> spammers, complete overkill
>
> just sayin...
>
>
> On 8/12/14, Jerry Benton <jerry.benton at mailborder.com> wrote:
>
> Hristo,
>
> I would like to have content dynamically updated at some point. An example
> would be an optional Phishing updates, ScamNailer updates (after we fix
> it),
> etc. Also, versioning for content, a better wiki with better authoring
> control, etc. The debate has already gone back and forth over this mailing
> list regarding static vs CMS, so we don't need to rehash the same debate.
>
>
>
> -
> Jerry Benton
> www.mailborder.com
>
> On Aug 11, 2014, at 11:55 AM, Richard Siddall <richard.siddall at elirion.net
> >
> wrote:
>
> Hristo Benev wrote:
>
> Jerry,
>
>     Based on navbar-fixed-top
>
> I've created this
> http://hbcom.info/mailscanner/mailscanner_rapid_prototype_v1.png
>
> Is CMS really needed? How many pages are changed and how frequently?
> AFAIK most of the changes are in the wiki.
>
> Development and version control could be done via GIT (or other VCS).
>
>
> "Build A Blog With Jekyll And GitHub Pages"
> http://www.smashingmagazine.com/2014/08/01/build-blog-jekyll-github-pages/
>
> Might suit a developer better than installing WordPress and a
> Bootstrap-based theme.
>
>
> Do you have any comments?
>
> Hristo
>
>
> Richard.
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140825/ac82489e/attachment.html 


More information about the MailScanner mailing list