What about a "whitelist" website, every ISP could enter the IPs of his MTA's and everybody could use for his whitelisting?
Radek Mrskos Email mrskos@volume.ch volume.ch Tel: +41 43 534 40 24 Baechlerstr. 12 Mob: +41 79 219 68 66 CH-8802 Kilchberg Fax: +41 86079 2196 866 PGP:0x8CB69F6D URL: http://volume.ch
Hello,
Given the fact that there are many ISPs who volontarily provide IP's for Spamming purposes this won't work. Given the fact that there are ISPs like T-Online, where SPAM IS a problem, this might fail.
Sorry, but I don't think that this would work at all...
CU Tobias
Radek Mrskos wrote:
What about a "whitelist" website, every ISP could enter the IPs of his MTA's and everybody could use for his whitelisting?
Radek Mrskos Email mrskos@volume.ch volume.ch Tel: +41 43 534 40 24 Baechlerstr. 12 Mob: +41 79 219 68 66 CH-8802 Kilchberg Fax: +41 86079 2196 866 PGP:0x8CB69F6D URL: http://volume.ch
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Something like whitelist.swinog.ch - swinog controlled whitelist.... swiss ISP only
-----Ursprüngliche Nachricht----- Von: swinog-bounces@lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch] Im Auftrag von Tobias Goeller Gesendet: Dienstag, 27. März 2007 14:38 An: swinog@swinog.ch; swinog@volume.ch Betreff: Re: [swinog] Whitelist website
Hello,
Given the fact that there are many ISPs who volontarily provide IP's for Spamming purposes this won't work. Given the fact that there are ISPs like T-Online, where SPAM IS a problem, this might fail.
Sorry, but I don't think that this would work at all...
CU Tobias
Radek Mrskos wrote:
What about a "whitelist" website, every ISP could enter the IPs of his
MTA's
and everybody could use for his whitelisting?
Radek Mrskos Email mrskos@volume.ch volume.ch Tel: +41 43 534 40 24 Baechlerstr. 12 Mob: +41 79 219 68 66 CH-8802 Kilchberg Fax: +41 86079 2196 866 PGP:0x8CB69F6D URL: http://volume.ch
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Am Dienstag, 27. März 2007 14.49 schrieb Radek Mrskos:
Something like whitelist.swinog.ch - swinog controlled whitelist.... swiss ISP only
Of course, but you got the hostname wrong. It's http://dnswl.swinog.ch aka http://antispam.imp.ch/swinog-dnsrbl-whitelist
But not only Swiss Mailservers, this would be a bit useless :-)
Mit freundlichen Grüssen
Benoit Panizzon
Of course, but you got the hostname wrong. It's http://dnswl.swinog.ch aka http://antispam.imp.ch/swinog-dnsrbl-whitelist
But not only Swiss Mailservers, this would be a bit useless :-)
And of course there is also dnswl.org ;-) [Note that dnswl.org data also includes the Swinog whitelist, updated (ir)regularly.]
-- Matthias (one of admins@dnswl.org)
Ok there are some whitelists, but what is it worth, when entries like *.mail.ru are included? (And who entered this?)
-----Ursprüngliche Nachricht----- Von: swinog-bounces@lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch] Im Auftrag von Matthias Leisi Gesendet: Dienstag, 27. März 2007 15:47 An: swinog@swinog.ch Betreff: Re: AW: [swinog] Whitelist website
Of course, but you got the hostname wrong. It's http://dnswl.swinog.ch aka http://antispam.imp.ch/swinog-dnsrbl-whitelist
But not only Swiss Mailservers, this would be a bit useless :-)
And of course there is also dnswl.org ;-) [Note that dnswl.org data also includes the Swinog whitelist, updated (ir)regularly.]
-- Matthias (one of admins@dnswl.org)
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Am Mittwoch, 28. März 2007 13.32 schrieb Radek Mrskos:
Ok there are some whitelists, but what is it worth, when entries like *.mail.ru are included? (And who entered this?)
As far as I rememver we were contacted by the mail mistress of mail.ru who asked for those ranges to be entered.
I know there is a lot of spam around comming from this range, but as far as we have seen they all had correct Received: or X-Origination-IP: headers before the mail.ru mailserver ip address.
This means our spamtraps would blacklist the right addresses of the end(ab)users and also spamassassin is able to score them correctly.
Mit freundlichen Grüssen
Benoit Panizzon
Ok, but this is exactly what do not belongs to this list. *.mail.ru (many others also) is a spamer domain. If the postmaster of *.rr.com, *.net.br, *.com.br calls you to enter his ranges, will you enter it?
Cheers
Radek Mrskos Email mrskos@volume.ch volume.ch Tel: +41 43 534 40 24 Baechlerstr. 12 Mob: +41 79 219 68 66 CH-8802 Kilchberg Fax: +41 86079 2196 866 PGP:0x8CB69F6D URL: http://volume.ch
PS: Was the voice of this mistress at least erotic? ;)
-----Ursprüngliche Nachricht----- Von: swinog-bounces@lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch] Im Auftrag von Benoit Panizzon Gesendet: Mittwoch, 28. März 2007 13:49 An: swinog@swinog.ch Betreff: Re: AW: AW: [swinog] Whitelist website
Am Mittwoch, 28. März 2007 13.32 schrieb Radek Mrskos:
Ok there are some whitelists, but what is it worth, when entries like *.mail.ru are included? (And who entered this?)
As far as I rememver we were contacted by the mail mistress of mail.ru who asked for those ranges to be entered.
I know there is a lot of spam around comming from this range, but as far as we have seen they all had correct Received: or X-Origination-IP: headers before the mail.ru mailserver ip address.
This means our spamtraps would blacklist the right addresses of the end(ab)users and also spamassassin is able to score them correctly.
Mit freundlichen Grüssen
Benoit Panizzon
Hello,
Radek Mrskos wrote:
Ok, but this is exactly what do not belongs to this list. *.mail.ru (many others also) is a spamer domain. If the postmaster of *.rr.com, *.net.br, *.com.br calls you to enter his ranges, will you enter it?
Depends. If they give me the ranges of their servers: Why not? As long as they provide the dialup / dyn ranges, too?
BTW: You're free to start something like this. Maybe others will join. Unique Selling Point may be a buzzword but it *can* help.
PS: Was the voice of this mistress at least erotic? ;)
Hmm, no idea how an email can have a voice.
CU!
Radek Mrskos wrote:
Ok, but this is exactly what do not belongs to this list. *.mail.ru (many others also) is a spamer domain. If the postmaster of *.rr.com, *.net.br, *.com.br calls you to enter his ranges, will you enter it?
194.67.23.0/24 does not equal the full set of *.mail.ru hostnames.
Similarly, dnswl.org contains three /24s for uol.com.br (see http://www.dnswl.org/search.pl?s=3633). Now this is not a statement that uol.com.br is all nice and cosy, but it's a statement of the fact that the postmaster for uol.com.br told us that these are the ranges for the mailservers (and we verified that using eg senderbase.org).
Since such ranges are usually not as trustworthy as /32s of well-respected mailserver operators, dnswl.org lists such ranges with a score of "none"; for all practical reasons, this should translate into "do not greylist, since there is most likely a legitimate mailserver at the other end who will retry anyway".
Yes, whitelisting incurs the risk of missing some spam. But this risk is usually lower than catching a non-spam in a spamfilter.
-- Matthias
Well, In my point of view this makes about the same sense as if we'd take the decision to start up something like a new standard for inter-ISP-communications (ever thought about IPv7, maybe IPv7.25?) - for switzerland only.
This would just move the source of the problem to another point - but would not help solve the problem: SPAM.
Sorry, but the internet is a medium almost without any fences and doors. The whitelist would be enhanced soon by entries for german ISPs who are partners of swiss ISPs, soon then there will be all german ISPs in (and the french, and the italian, and so on).
At the end we would have a 4-TB Oracle Database with the IPs of any ISPs mail server system - just for a whitelist... hmmm. Why don't we start up a second RIPE? Sponsors?
The swinog mailinglist has a whitelist already - and if you're trying to reach someone participating you already have two ways of how to get in touch with who you want to contact: direct mail or via list.
CU Tobias
Radek Mrskos wrote:
Something like whitelist.swinog.ch - swinog controlled whitelist.... swiss ISP only
-----Ursprüngliche Nachricht----- Von: swinog-bounces@lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch] Im Auftrag von Tobias Goeller Gesendet: Dienstag, 27. März 2007 14:38 An: swinog@swinog.ch; swinog@volume.ch Betreff: Re: [swinog] Whitelist website
Hello,
Given the fact that there are many ISPs who volontarily provide IP's for Spamming purposes this won't work. Given the fact that there are ISPs like T-Online, where SPAM IS a problem, this might fail.
Sorry, but I don't think that this would work at all...
CU Tobias
Radek Mrskos wrote:
What about a "whitelist" website, every ISP could enter the IPs of his
MTA's
and everybody could use for his whitelisting?
Radek Mrskos Email mrskos@volume.ch volume.ch Tel: +41 43 534 40 24 Baechlerstr. 12 Mob: +41 79 219 68 66 CH-8802 Kilchberg Fax: +41 86079 2196 866 PGP:0x8CB69F6D URL: http://volume.ch
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Tobias Goeller wrote:
Well, In my point of view this makes about the same sense as if we'd take the decision to start up something like a new standard for inter-ISP-communications (ever thought about IPv7, maybe IPv7.25?) - for switzerland only.
Actually, in .nl this is done. All the "known" ISP's have registered MX's. This way one can whitelist those MX's in the local anti-spam system: http://noc.bit.nl/dnsbl/nlwhitelist/
It is indeed not very scalable, but it avoids the blacklisting of a complete ISP.
There they also have a system for dutch-wide anti-virus: VirBL http://virbl.bit.nl/
I am pretty sure that they (BIT et all) are willing to cooperate with you folks on setting something similar up for Swiss providers and most likely also to exchange lists to make it beneficial in usage.
For that matter, what about a big Inter-NOG, thus Swiss, Dutch, German, Austrian, Italian, French, Polish etc ISP's all coming together in a place with an ample amount of beer and other such things!? They call that NANOG in the US.... can it be done in Europe?
This would just move the source of the problem to another point - but would not help solve the problem: SPAM.
The current way is really only: SpamAssassin. At least it limits the spam coming into your mailbox.
You can't control the whole Internet, thus you can't control SPAM. As long as there is $$$ to be earned spammers will exist, whatever trick they will use, they will get spam to stupid people who will buy their products or get tricked into giving out their account information.
A next step which might be going to work quite well is DKIM. Both Yahoo and Gmail are already using and many ISP's are following.
Greets, Jeroen
Am Dienstag, 27. März 2007 14.32 schrieb Radek Mrskos:
What about a "whitelist" website, every ISP could enter the IPs of his MTA's and everybody could use for his whitelisting?
s/ISP/spamer/g :-)
But we already operate the SWINOG Whitelist for this purpose. Feel free to send us Mailserver Ranges still missing in this whitelist. => abuse@imp.ch
Mit freundlichen Grüssen
Benoit Panizzon
-
Benoit Panizzon -
Jeroen Massar -
Matthias Leisi -
Radek Mrskos -
Tobias Goeller