DNS ISP Host List Available - SpamAssassin

This is a discussion on DNS ISP Host List Available - SpamAssassin ; ...

+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 30

Thread: DNS ISP Host List Available

  1. Re: DNS ISP Host List Available


  2. Re: DNS ISP Host List Available


  3. DNS ISP Host List Available

    I've also created a DNS based list of domains that provide consumer
    dynamic IP address space. I'm using this list internally but thought I'd
    make it public in case others can use it.

    Trying to inspire innovation.

    Example:

    dig comcast.com.isphosts.junkemailfilter.com

    This list was created by grabbing the registry barrier part of the
    domain name of IPs from other DNS lists that list the IPs as dynamic.


  4. Re: DNS ISP Host List Available


    On Thu, May 29, 2008 20:52, Marc Perkel wrote:

    > Here's my list in dnsrbl format. I only do rsync so far to paid
    > subscribers or people who I'm trading with.


    could you atleast stop posting html on maillist ?

    the list is around 60k and the recieved email here is doubled to 129k ://


    Benny Pedersen
    Need more webspace ? http://www.servage.net/?coupon=cust37098


  5. Re: DNS ISP Host List Available

    Marc Perkel wrote:
    > Here's my list in dnsrbl format. I only do rsync so far to paid
    > subscribers or people who I'm trading with.
    >

    Dude. Seriously. The data is appreciated but next time please post it
    on a website or something. Your mail pissed off my smart phone! It
    might not be the best device out there but it normally works for me.

    I'm more disgruntled about the frozen device than the email itself so
    feel free to wallop me with a frozen trout or whatever.
    --Blaine


  6. Re: DNS ISP Host List Available

    Marc Perkel wrote:
    > I've also created a DNS based list of domains that provide consumer
    > dynamic IP address space. I'm using this list internally but thought I'd
    > make it public in case others can use it.
    >
    > Trying to inspire innovation.
    >
    > Example:
    >
    > dig comcast.com.isphosts.junkemailfilter.com
    >
    > This list was created by grabbing the registry barrier part of the
    > domain name of IPs from other DNS lists that list the IPs as dynamic.
    >
    >


    NJABL & PBL already provide this, AND they are already part of
    SpamAssassin AND they work quite well.
    So, while you are 'trying to inspire innovation', you should take note
    of this potential problem:
    http://www.rhyolite.com/anti-spam/you-might-be.html

    Ken

    --
    Ken Anderson
    Pacific.Net


  7. Re: DNS ISP Host List Available



    Ken A wrote:
    > Marc Perkel wrote:
    >> I've also created a DNS based list of domains that provide consumer
    >> dynamic IP address space. I'm using this list internally but thought
    >> I'd make it public in case others can use it.
    >>
    >> Trying to inspire innovation.
    >>
    >> Example:
    >>
    >> dig comcast.com.isphosts.junkemailfilter.com
    >>
    >> This list was created by grabbing the registry barrier part of the
    >> domain name of IPs from other DNS lists that list the IPs as dynamic.
    >>
    >>

    >
    > NJABL & PBL already provide this, AND they are already part of
    > SpamAssassin AND they work quite well.
    > So, while you are 'trying to inspire innovation', you should take note
    > of this potential problem:
    > http://www.rhyolite.com/anti-spam/you-might-be.html
    >
    > Ken
    >


    They have name based lists? Show me where.


  8. Re: DNS ISP Host List Available

    On Thu, 29 May 2008, Ken A wrote:

    > http://www.rhyolite.com/anti-spam/you-might-be.html


    So how is a proponent of the "Hunt down and kill spammers very messily"
    FUSSP classified?

    --
    John Hardin KA7OHZ http://www.impsec.org/~jhardin/
    jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
    key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
    -----------------------------------------------------------------------
    Have you ever seen a more scarily useless group of people running
    for president? -- Barry@blogspot
    -----------------------------------------------------------------------
    159 days until the Presidential Election


  9. Re: DNS ISP Host List Available

    mouss wrote:
    > are you using an old imode phone The message was about 125Ko.
    > That's less than a small photo (I say this because that's what a
    > "smartphone" is for, no?).
    >

    Samsung SCH-i760 on Verizon that takes forever to download mail so when
    something longer than about 4k comes in it takes a while. Doesn't
    really freeze the phone but it doesn't exactly respond well either. It
    works...mostly.

    > hope this mail is ok

    Not a problem!

    --Blaine


  10. Re: DNS ISP Host List Available

    John Hardin wrote:
    > So how is a proponent of the "Hunt down and kill spammers very
    > messily" FUSSP classified?


    In the US, they would be classified as a felon.

    --Blaine


  11. Re: DNS ISP Host List Available

    On Thu, 29 May 2008, Blaine Fleming wrote:

    > John Hardin wrote:
    >> So how is a proponent of the "Hunt down and kill spammers very
    >> messily" FUSSP classified?

    >
    > In the US, they would be classified as a felon.


    Nah, I think that one falls under "praiseworthy".

    --
    John Hardin KA7OHZ http://www.impsec.org/~jhardin/
    jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
    key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
    -----------------------------------------------------------------------
    Have you ever seen a more scarily useless group of people running
    for president? -- Barry@blogspot
    -----------------------------------------------------------------------
    159 days until the Presidential Election


  12. Re: DNS ISP Host List Available

    > >Marc Perkel wrote:
    > >>I've also created a DNS based list of domains that provide consumer
    > >>dynamic IP address space. I'm using this list internally but thought
    > >>I'd make it public in case others can use it.
    > >>
    > >>Trying to inspire innovation.
    > >>
    > >>Example:
    > >>
    > >>dig comcast.com.isphosts.junkemailfilter.com
    > >>
    > >>This list was created by grabbing the registry barrier part of the
    > >>domain name of IPs from other DNS lists that list the IPs as dynamic.


    > Ken A wrote:
    > >NJABL & PBL already provide this, AND they are already part of
    > >SpamAssassin AND they work quite well.
    > >So, while you are 'trying to inspire innovation', you should take note
    > >of this potential problem:
    > >http://www.rhyolite.com/anti-spam/you-might-be.html


    On 29.05.08 14:49, Marc Perkel wrote:
    > They have name based lists? Show me where.


    why should anyone need name-based lists?

    --
    Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
    Warning: I wish NOT to receive e-mail advertising to this address.
    Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
    I intend to live forever - so far so good.


  13. Re: DNS ISP Host List Available

    John Hardin wrote:
    > On Thu, 29 May 2008, Ken A wrote:
    >
    >> http://www.rhyolite.com/anti-spam/you-might-be.html

    >
    > So how is a proponent of the "Hunt down and kill spammers very messily"
    > FUSSP classified?
    >


    I'm suggesting that some homework should be done before creating a list
    of this or that and then promoting it as something that it's NOT on the
    SA users list.

    A list of dynamic IP addresses is already available in the
    correct/usable form. There's no need for a 'name based' version.

    Marc said "This list was created by grabbing the registry barrier part
    of the domain name of IPs from other DNS lists that list the IPs as
    dynamic."

    That would seem to translate to doing a reverse lookup or whois on PBL
    or NJABL IPs. That's fine, but then he claims that his list is a "list
    of domains that provide consumer dynamic IP address space".

    But it's not. It may give you IP address ownership information if your
    list is created using whois, but it doesn't tell you what ISP (domain)
    assigned the address to the customer. If you are depending on reverse
    lookups, then the info is more suspect, since ISPs are not very good at
    keeping in-addr.arpa zones up to date. Also, many larger network
    operators and ISPs trade/lease/rent consumer IP address space to other
    ISPs very frequently. These addresses roam around to various ISPs. There
    is no 1-to-1 mapping.

    Ken



    --
    Ken Anderson
    Pacific.Net


  14. Re: DNS ISP Host List Available



    Matus UHLAR - fantomas wrote:
    >>> Marc Perkel wrote:
    >>>
    >>>> I've also created a DNS based list of domains that provide consumer
    >>>> dynamic IP address space. I'm using this list internally but thought
    >>>> I'd make it public in case others can use it.
    >>>>
    >>>> Trying to inspire innovation.
    >>>>
    >>>> Example:
    >>>>
    >>>> dig comcast.com.isphosts.junkemailfilter.com
    >>>>
    >>>> This list was created by grabbing the registry barrier part of the
    >>>> domain name of IPs from other DNS lists that list the IPs as dynamic.
    >>>>

    >
    >
    >> Ken A wrote:
    >>
    >>> NJABL & PBL already provide this, AND they are already part of
    >>> SpamAssassin AND they work quite well.
    >>> So, while you are 'trying to inspire innovation', you should take note
    >>> of this potential problem:
    >>> http://www.rhyolite.com/anti-spam/you-might-be.html
    >>>

    >
    > On 29.05.08 14:49, Marc Perkel wrote:
    >
    >> They have name based lists? Show me where.
    >>

    >
    > why should anyone need name-based lists?
    >
    >


    Name based DNS lists are more reliable because IP addresses can change.
    The name based list covers all IP addresses where the FCrDNS resolves to
    that name.



  15. Re: DNS ISP Host List Available

    Marc Perkel wrote:
    >
    >
    > Matus UHLAR - fantomas wrote:
    >>>> Marc Perkel wrote:
    >>>>
    >>>>> I've also created a DNS based list of domains that provide consumer
    >>>>> dynamic IP address space. I'm using this list internally but
    >>>>> thought I'd make it public in case others can use it.
    >>>>>
    >>>>> Trying to inspire innovation.
    >>>>>
    >>>>> Example:
    >>>>>
    >>>>> dig comcast.com.isphosts.junkemailfilter.com
    >>>>>
    >>>>> This list was created by grabbing the registry barrier part of the
    >>>>> domain name of IPs from other DNS lists that list the IPs as dynamic.
    >>>>>

    >>
    >>
    >>> Ken A wrote:
    >>>
    >>>> NJABL & PBL already provide this, AND they are already part of
    >>>> SpamAssassin AND they work quite well.
    >>>> So, while you are 'trying to inspire innovation', you should take
    >>>> note of this potential problem:
    >>>> http://www.rhyolite.com/anti-spam/you-might-be.html
    >>>>

    >>
    >> On 29.05.08 14:49, Marc Perkel wrote:
    >>
    >>> They have name based lists? Show me where.
    >>>

    >>
    >> why should anyone need name-based lists?
    >>
    >>

    >
    > Name based DNS lists are more reliable because IP addresses can change.


    Obviously dynamic IPs and names change. Thats all built into DHCP (lease
    time) and DNS (TTLs). So, please elaborate on your thinking here.

    > The name based list covers all IP addresses where the FCrDNS resolves to
    > that name.


    Okay, so only domains that have dns setup correctly get into the list?
    That leaves out huge chunks of the world. How is this more reliable? It
    is probably a small subset of dynamic address space.

    The botnet plugin does a good job of making use of broken & dnynamic DNS
    names in SA. PBL and NJABL do a good job of identifying IP address space
    that is dynamic. What can this method do better or is it supposed to do
    something else?

    Ken


    >
    >



    --
    Ken Anderson
    Pacific.Net


  16. RE: DNS ISP Host List Available

    IMHO regex setups are even more reliable we do this with our postfix setup.

    For example:
    /^c-.+-.+-.+-.+\..+\..+\.comcast\.net$/ REJECT
    dynamic ip address use isp for outgoing email - access.regex

    I think is more reliable than just by name or especially by IP since IP
    allocations do change.

    -L

    --
    Larry Ludwig
    Empowering Media
    1-866-792-0489 x600
    Managed and Unmanaged Xen VPSes
    http://www.hostcube.com/




    _____

    From: Marc Perkel [mailto:marc@perkel.com]
    Sent: Friday, May 30, 2008 12:04 PM
    To: users@spamassassin.apache.org
    Subject: Re: DNS ISP Host List Available




    Matus UHLAR - fantomas wrote:

    Marc Perkel wrote:



    I've also created a DNS based list of domains that provide consumer

    dynamic IP address space. I'm using this list internally but thought

    I'd make it public in case others can use it.



    Trying to inspire innovation.



    Example:



    dig comcast.com.isphosts.junkemailfilter.com



    This list was created by grabbing the registry barrier part of the

    domain name of IPs from other DNS lists that list the IPs as dynamic.







    Ken A wrote:



    NJABL & PBL already provide this, AND they are already part of

    SpamAssassin AND they work quite well.

    So, while you are 'trying to inspire innovation', you should take note

    of this potential problem:

    http://www.rhyolite.com/anti-spam/you-might-be.html





    On 29.05.08 14:49, Marc Perkel wrote:



    They have name based lists? Show me where.





    why should anyone need name-based lists?






    Name based DNS lists are more reliable because IP addresses can change. The
    name based list covers all IP addresses where the FCrDNS resolves to that
    name.





  17. Message-ID:Reply-To:References:MIME-Version:Content-Type:In-Reply-To; b=w6+pUaIEU+A6N2fgnXJTjMzBttJUCTPMEZBjW9WQU3rQOVV4 CxKxLw4jlAk5T8cPMfdl1GP/KKS6WRvm8guLv/0ToCSvZBFCmwoyalYY53SPkEWf6DWDgK0iM9nG6X4/9gArYyCKcGMF8RywS1IDzi9Rj07Dmc3hGdUwfN8TuWg=

    On Thu, May 29, 2008 at 11:25:19AM -0700, Marc Perkel wrote:
    > I've also created a DNS based list of domains that provide consumer
    > dynamic IP address space. I'm using this list internally but thought I'd
    > make it public in case others can use it.
    >
    > Trying to inspire innovation.
    >
    > Example:
    >
    > dig comcast.com.isphosts.junkemailfilter.com
    >
    > This list was created by grabbing the registry barrier part of the
    > domain name of IPs from other DNS lists that list the IPs as dynamic.


    How is one supposed to use this list? You posted a _very_ general list that
    will match all the ISPs legimate outgoing MX servers too. So it's must not
    be for blocking or even positive scoring.


  18. Re: DNS ISP Host List Available



    Henrik K wrote:
    > On Thu, May 29, 2008 at 11:25:19AM -0700, Marc Perkel wrote:
    >
    >> I've also created a DNS based list of domains that provide consumer
    >> dynamic IP address space. I'm using this list internally but thought I'd
    >> make it public in case others can use it.
    >>
    >> Trying to inspire innovation.
    >>
    >> Example:
    >>
    >> dig comcast.com.isphosts.junkemailfilter.com
    >>
    >> This list was created by grabbing the registry barrier part of the
    >> domain name of IPs from other DNS lists that list the IPs as dynamic.
    >>

    >
    > How is one supposed to use this list? You posted a _very_ general list that
    > will match all the ISPs legimate outgoing MX servers too. So it's must not
    > be for blocking or even positive scoring.
    >
    >


    As I said. I'm trying to inspire innovation. For example, if you have an
    URIBL list and subtract out the ISP hosts then you woud have a name
    based blacklist. That's one of the ways I'm using it. It is not a
    blacklist. I'm making it available for anyone who might find it useful
    but you will have to figure it out for yourself. I am just providing the
    information.



  19. Message-ID:Reply-To:References:MIME-Version:Content-Type:In-Reply-To; b=XpUr6A7HmPxweWAB8+YJwQq699KfoHPTSL/bZAD6SQf4YexGKjqEDPYSPiSIDl79xCpwQaqrByyxMPyRjxkhz WSnXWjl+qdP+1xo9k4XYWAlYxrUwjoLlas5nS5sN8PVfNuvdJ7 7pr0hbSuJYIslDN0pnVdRaWezlIR13t9nxHs=

    On Sat, May 31, 2008 at 07:38:19AM -0700, Marc Perkel wrote:
    >
    >
    > Henrik K wrote:
    >> On Thu, May 29, 2008 at 11:25:19AM -0700, Marc Perkel wrote:
    >>
    >>> I've also created a DNS based list of domains that provide consumer
    >>> dynamic IP address space. I'm using this list internally but thought
    >>> I'd make it public in case others can use it.
    >>>
    >>> Trying to inspire innovation.
    >>>
    >>> Example:
    >>>
    >>> dig comcast.com.isphosts.junkemailfilter.com
    >>>
    >>> This list was created by grabbing the registry barrier part of the
    >>> domain name of IPs from other DNS lists that list the IPs as dynamic.
    >>>

    >>
    >> How is one supposed to use this list? You posted a _very_ general list that
    >> will match all the ISPs legimate outgoing MX servers too. So it's must not
    >> be for blocking or even positive scoring.
    >>
    >>

    >
    > As I said. I'm trying to inspire innovation. For example, if you have an
    > URIBL list and subtract out the ISP hosts then you woud have a name
    > based blacklist. That's one of the ways I'm using it. It is not a
    > blacklist. I'm making it available for anyone who might find it useful
    > but you will have to figure it out for yourself. I am just providing the
    > information.


    Ok, you should have been clear on that from the beginning to reduce list
    noise.

    I can't think of any use for DNS list though, you should provide a
    downloadable list if you want it to be free.


  20. Re: DNS ISP Host List Available

    Hi Marc,

    Am 2008-05-29 11:52:50, schrieb Marc Perkel:
    > Here's my list in dnsrbl format. I only do rsync so far to paid
    > subscribers or people who I'm trading with.


    Missing Domains:

    .freenet.de
    .arcor.de
    .arcor.com

    Thanks, Greetings and nice Day
    Michelle Konzack
    Systemadministrator
    24V Electronic Engineer
    Tamay Dogan Network
    Debian GNU/Linux Consultant


    --
    Linux-User #280138 with the Linux Counter, http://counter.li.org/
    ##################### Debian GNU/Linux Consultant #####################
    Michelle Konzack Apt. 917 ICQ #328449886
    +49/177/9351947 50, rue de Soultz MSN LinuxMichi
    +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQFIQfk/C0FPBMSS+BIRAgoWAKCDfVNcjfx0KIhl4Bz7l5+O8PRylwCeMV Tn
    6gWZ/ztLf/CQaD9KIu8/cpo=
    =lZk3
    -----END PGP SIGNATURE-----


+ Reply to Thread
Page 1 of 2 1 2 LastLast