I made a version of Mr. Magill's script to read the dshield.org's
block list and create null routes for it. He deserves all of the
credit, but none of the blame in case it doesn't work for you. I'm not
a TCL programmer - use at your own risk.
Anyone else have any nifty TCL for Cisco scripts they ca
Ramasubramanian [mailto:ops.li...@gmail.com]
Sent: Wednesday, January 19, 2011 6:20 PM
To: Thomas Magill
Cc: nanog@nanog.org
Subject: Re: Update Spamhaus DROP list from Cisco CLI (TCL)
Did you try this
http://www.spamhaus.org/faq/answers.lasso?section=DROP%20FAQ#168
LInks to Marco d'Itri's &q
On 1/19/2011 8:19 PM, Jared Mauch wrote:
This was done once before, it was called MAPS at the time. Using BGP
as a signaling mechanic for this stuff can obviously be useful. The
challenge has always been balancing the trust with a 3rd party with
the other operational requirements.
It's only
l
wrote:
> Previous conversations made me decide this would be fun to do so I ignored
> all my real work today and made it happen.
>
> I built a TCL script that can be mapped to an alias ("alias exec updatedrop
> tclsh updatedrop.tcl") that will connect to the Spamhaus DROP l
drop.tcl") that will connect to the Spamhaus DROP list and route
> all of the prefixes to null0. It should alsbo be able to be mapped to a kron
> job, but I haven't tested that and I've heard there are issues with kron+tcl
> unless you tie it to an EEM event. It adds a name in
Previous conversations made me decide this would be fun to do so I ignored all
my real work today and made it happen.
I built a TCL script that can be mapped to an alias ("alias exec updatedrop
tclsh updatedrop.tcl") that will connect to the Spamhaus DROP list and route
all of the p
> Date: Tue, 16 Jun 2009 19:49:36 -0400
> From: Bret Clark
> Subject: Re: spamhaus drop list
>
> John Levine wrote:
> > Not that I've ever seen. Nobody else has the breadth of data that
> > Spamhaus does.
> >
> > I've been using it for ages and
.
I strongly concur with John: using the Spamhaus DROP list is incredibly
effective not just against spam but against many other forms of abuse.
I use a script to update various routers/firewalls/mail systems once
a week, and there have been no problems of any kind with it.
---Rsk
On Thu, Jun 18, 2009 at 5:29 AM, Sean Donelan wrote:
> On Wed, 17 Jun 2009, Suresh Ramasubramanian wrote:
>>
>> The cymru bogons list and the spamhaus drop list target two entirely
>> distinct issues and they shouldnt be confused together.
>
> Correct. And whatever
On Wed, 17 Jun 2009, Suresh Ramasubramanian wrote:
The cymru bogons list and the spamhaus drop list target two entirely
distinct issues and they shouldnt be confused together.
Correct. And whatever list you use, for whatever purpose, at the time you
start using it also set up a process to
Patrick W. Gilmore wrote:
I have not used MAPS, so I cannot comment on its utility. but I have
never heard a single credible claim Mr. Vixie is a spammer, more or less
a verifiable one. (Yes, that includes the claim below.) From my personal
experience, Mr. Vixie is very much the opposite of a sp
Traffic from bogon IP space is more likely than anything else to be
the result of misconfiguration rather than a spammer abusing it.
The cymru bogons list and the spamhaus drop list target two entirely
distinct issues and they shouldnt be confused together.
On Wed, Jun 17, 2009 at 2:14 PM
Hi!
Both containing prefixes that should not be announced on the internet,
but often used by spammers trying to deliver their content.
When did you experience this last time, this is not what we see on
various antispam projects.
So if you have new information, please share, we didnt see bog
spammers trying to deliver their content.
Original message
Subject: RE: spamhaus drop list
Date: Tue, 16 Jun 2009 14:00:51 -0400
From: Quinn Mahoney
To:
> Is there a competing droplist, that can be compared against
> Spamhaus's droplist? That seems like an extrao
John Levine wrote:
Not that I've ever seen. Nobody else has the breadth of data that
Spamhaus does.
I've been using it for ages and based on zero complaints, it's never
blocked anything that any of my users wanted.
R's,
John
I have to agree with this...I'm somewhat surprised to see some of
> Is there a competing droplist, that can be compared against
> Spamhaus's droplist?
Not that I've ever seen. Nobody else has the breadth of data that
Spamhaus does.
I've been using it for ages and based on zero complaints, it's never
blocked anything that any of my users wanted.
R's,
John
On Jun 16, 2009, at 4:43 PM, Peter Dambier wrote:
http://wnagele.com/2007/06/19/spamhouseorg-vs-nicat/
Another problem with spamhaus, they want to earn money.
The Pirates Party in germany is a nonprofit.
Nevertheless our mailers use a fixed addresses and when
you query spamhaus long enough from
http://wnagele.com/2007/06/19/spamhouseorg-vs-nicat/
Another problem with spamhaus, they want to earn money.
The Pirates Party in germany is a nonprofit.
Nevertheless our mailers use a fixed addresses and when
you query spamhaus long enough from a fixed address
you are put on a blacklist and fed w
your choice. I think you know mine.
--
TTFN,
patrick
-Original Message-
From: Dean Anderson [mailto:d...@av8.com]
Sent: Monday, June 15, 2009 6:10 PM
To: Quinn Mahoney
Cc: nanog@nanog.org
Subject: Re: spamhaus drop list
I suggest you avoid spamhaus, MAPS, and SORBS. They are really
0 PM
> To: Quinn Mahoney
> Cc: nanog@nanog.org
> Subject: Re: spamhaus drop list
>
> I suggest you avoid spamhaus, MAPS, and SORBS. They are really spammers
> in disguise, using blacklists to harm their competition while presumably
> letting their own spam through. We know they
> Is there a competing droplist, that can be compared against Spamhaus's
> droplist? That seems like an extraordinary claim, so I'm not satisfied
> with the evidence provided. Is this not the best droplist?
Obviously the Spamhaus DROP list should be evaluated - you should
y, June 15, 2009 6:10 PM
To: Quinn Mahoney
Cc: nanog@nanog.org
Subject: Re: spamhaus drop list
I suggest you avoid spamhaus, MAPS, and SORBS. They are really spammers
in disguise, using blacklists to harm their competition while presumably
letting their own spam through. We know they have used trust o
Once upon a time, Fred Baker said:
> On Jun 15, 2009, at 1:16 PM, Quinn Mahoney wrote:
> >Or use this script which null routes the traffic (I guess it's not a
> >big deal getting the syn packets, as long as the mail won't send
> >because of the null route)
>
> I you are using uRPF, the SYN pa
On Jun 15, 2009, at 1:16 PM, Quinn Mahoney wrote:
Or use this script which null routes the traffic (I guess it's not a
big deal getting the syn packets, as long as the mail won't send
because of the null route)
I you are using uRPF, the SYN packets won't get through either,
because they
I'm looking to implement the Spamhaus drop list.
http://www.spamhaus.org/drop/index.lasso
On their FAQ they have a script that looks like it grabs the lists text
file and connects to a given router, and tells you what has changed in
the list, and what your router is null routing. I'
25 matches
Mail list logo
