On Tue, 2011-01-04 at 00:58 +0100, mouss wrote:
> Le 03/01/2011 13:28, Jari Fredriksson a écrit :
> >
> > I want to secure a postfix site with rbls, no spamassassin at this
> > moment. (I use SpamAssassin on other sites, and no RBLs at SMTP time, so
> > I'm not very experienced with this. SA has m
Funny thing, and I think John Levine remembers 1994:
OH MY GOD, THE INTERNET WENT COMMERCIAL, with all these new computers,
its the end of the internet.
and the oft quoted:
"Breaking Story: Death of the Internet, gif at 11"
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259
On 01/05/2011 05:14 AM, David F. Skoll wrote:
> On Tue, 04 Jan 2011 11:01:52 -0500
> Rob McEwen wrote:
>
>> When we are left with only whitelists and no blacklists, an
>> interesting problem will happen... there will be extreme prejudice
>> against ALL new IPs not already whitelisted.
> Life will
>In summary, I believe DNS caching is basically *useless* for any site
>small enough to use Spamhaus for free. And any very large site is
>probably large enough to deserve an rsync feed.
Hmmn. See the ASRG list where I've posted some numbers I worked up
from my own servers.
R's,
John
>This is a great topic! Is this been discussed at the IETF level?
Well, yeah, that's the internet draft that I started this with.
There's a parallel discussion in the IETF anti-spam research group
(ASRG) which is a better place to continue this.
See http://wiki.asrg.sp.am/ which has a link to su
On Tue, Jan 4, 2011 at 9:24 PM, David F. Skoll wrote:
> (Spamhaus could greatly lower the load on its servers by using much
> bigger TTLs, especially for lists that don't change often like the PBL.
> But as another posted mentioned, sometimes DNSBL owners want to see
> the queries, particularly i
Following up on myself...
> I ran a little experiment.
Just for fun, I took a day's worth of logs from a fairly busy server.
There were just over 3.1 million SMTP connections/day. If they'd been
using a DNSBL with a 15-minute TTL, they would have had about 1.13 million
cache misses and 1.97 mill
On Tue, 4 Jan 2011 06:18:55 -0800 (PST)
John Hardin wrote:
[DFS says all queries should be to authoritative name servers to avoid
cache blowouts.]
> You can't compare them. The nature of the queries is vastly different
> - the root nameservers only get queries like "where are the
> authoritative
On Tue, 04 Jan 2011 11:01:52 -0500
Rob McEwen wrote:
> When we are left with only whitelists and no blacklists, an
> interesting problem will happen... there will be extreme prejudice
> against ALL new IPs not already whitelisted. This will create a
> "chicken/egg" problem whereby a new startup c
Le 04/01/2011 17:01, Rob McEwen a écrit :
I've thought this through and... best case scenario is that spammers
then get 5+ years of play time because it will take at least that time
for those other techniques to catch up. Great damage will happen in the
meantime.
That scenario assumes rapid ado
On Tue, 04 Jan 2011 11:01:52 -0500
Rob McEwen wrote:
> I've thought this through and... best case scenario is that spammers
> then get 5+ years of play time because it will take at least that time
> for those other techniques to catch up.
Umm.. no. We have plenty of effective techniques we're u
On 1/4/2011 10:43 AM, David F. Skoll wrote:
> I agree that it's probably eventually "game over" for DNSBLs, but not
> for DNSWLs. DNSBLs are a pretty effective first-line defense against
> spam, but they will gradually become less and less effective as IPv6
> becomes more heavily adopted. That ju
On Tue, 4 Jan 2011, David F. Skoll wrote:
On Tue, 4 Jan 2011 06:18:55 -0800 (PST)
John Hardin wrote:
DNS needs to deal with an exponentially-increased address space
regardless of how RBLs behave. Perhaphs DNS caching needs to be
partitioned so that a huge number of queries on *.spamhaus.org d
On Tue, 4 Jan 2011 09:53:05 -0500
"Mike Gibson" wrote:
> I have recently inherited a web server with roughly 50 clients. Last
> week I started getting complaints about excessive amounts of junk
> mail being delivered.
spamassassin should be the last line of defence, you should be using
blockl
On Tue, 04 Jan 2011 10:34:43 -0500
Rob McEwen wrote:
> "game over".. the spammers have already won. And they are quite amused
> right now reading us discuss all different ways to rearrange the deck
> chairs on the Titanic.
We are talking at cross-purposes here, but I think we mostly agree. :)
>
On 1/4/11 9:53 AM, Mike Gibson wrote:
I have recently inherited a web server with roughly 50 clients. Last
week I started getting complaints about excessive amounts of junk mail
being delivered. I upgraded my SpamAssassin Rules, Clam AV,
MailScanner, and SpamAssassin Engine (3.2.5 à 3.3.1),
On 1/4/2011 9:31 AM, David F. Skoll wrote:
> Right, but once your cache is blown, you're back to always querying
> the authoritative server. John Levine proposes a fix with a clever way
> to represent many entries with a small number of queries so you don't blow
> your cache. I think making zone
I have recently inherited a web server with roughly 50 clients. Last week I
started getting complaints about excessive amounts of junk mail being
delivered. I upgraded my SpamAssassin Rules, Clam AV, MailScanner, and
SpamAssassin Engine (3.2.5 à 3.3.1), in that order. At first, this seemed to
On Tue, 4 Jan 2011 06:18:55 -0800 (PST)
John Hardin wrote:
> DNS needs to deal with an exponentially-increased address space
> regardless of how RBLs behave. Perhaphs DNS caching needs to be
> partitioned so that a huge number of queries on *.spamhaus.org don't
> blow everything else out of the c
On Tue, 4 Jan 2011, David F. Skoll wrote:
If the problem is blowing DNS caches, then one solution is to query only
authoritative name servers.
After all, the total volume of DNS[BW]L queries from mail servers even
without caching is probably very much less than the total volume of
queries that
A couple more cents on this topic...
If the problem is blowing DNS caches, then one solution is to query only
authoritative name servers.
Spamhaus, for example, permits 300,000 free queries per day. I bet
many small sites will be under this limit even if they query Spamhaus
directly with no cach
On 1/4/2011 1:57 AM, John Levine wrote:
> I also don't think it's very realistic to expect that there will
> be a master mail host file distributed periodically like HOSTS.TXT
> was. There's a reason that the DNS was invented, and at the time it
> was, there were a whole lot less hosts on the net
On Mon, Jan 3, 2011 at 9:27 PM, Jason Haar wrote:
> On 01/04/2011 04:50 PM, Dave Pooser wrote:
> > Frankly, I'd think that besides costing the spammers money (a good thing
> in
> > and of itself)
> ...spammers steal other people's resources - so they'll pay nothing...
> The best case scenario we
On Tue, Jan 4, 2011 at 8:27 AM, Jason Haar wrote:
> This is a great topic! Is this been discussed at the IETF level? This is
> much bigger than SA. From the sounds of this thread, spam under ipv6 is
> going to be almost an *infinitely* bigger problem than ipv4. What about
The IETF is where it's
24 matches
Mail list logo
