Re: [Dshield] fingerprinting servers before accepting

2004-12-02 Thread John Hardin
On Thu, 2004-12-02 at 11:53, Joe Emenaker wrote: > Christopher X. Candreva wrote: > > >On Wed, 1 Dec 2004, Robert LeBlanc wrote: > > > >This actually sounds like it would be a good public DNSBL. Rather than have > >everyone fingerprint, the central DNSBL would perform fingerprinting of IPs > >th

Re: [Dshield] fingerprinting servers before accepting

2004-12-02 Thread Joe Emenaker
Christopher X. Candreva wrote: On Wed, 1 Dec 2004, Robert LeBlanc wrote: This actually sounds like it would be a good public DNSBL. Rather than have everyone fingerprint, the central DNSBL would perform fingerprinting of IPs that are requested and not in the cache, then cache the results. Otherw

Re: [Dshield] fingerprinting servers before accepting

2004-12-02 Thread Christopher X. Candreva
On Wed, 1 Dec 2004, Robert LeBlanc wrote: > One workaround might be to use a local DNSBL (e.g. rbldnsd), and create > a new IP address entry in the DNSBL based on the p0f results. A script This actually sounds like it would be a good public DNSBL. Rather than have everyone fingerprint, the cent

Re: [Dshield] fingerprinting servers before accepting

2004-12-02 Thread SM
Hi Joe, At 15:51 01-12-2004, Joe Emenaker wrote: That was the first thought through my mind when I read the original post. No need for a full-blown fingerprint... just see if they look "server-ish" or not. Try connecting to 25... and then maybe telnet, ssh, http, and imap. You cannot assume that

Re: [Dshield] fingerprinting servers before accepting

2004-12-01 Thread Joe Emenaker
SM wrote: At 08:54 01-12-2004, John Hardin wrote: However, this sounds like it might be useful in Spamassassin: attempt to contact the sender on port 25, and add a little to the spamminess score if the connection is refused or times out. That was the first thought through my mind when I read the o

Re: [Dshield] fingerprinting servers before accepting

2004-12-01 Thread Robert LeBlanc
John Hardin wrote: | On Wed, 2004-12-01 at 03:30, Paul L Daniels wrote: | |>An interesting idea was floated by my eyeballs recently for combatting |>invalid email (especially since zombie machines are now rather |>prevalent), what if you could fingerpr

Re: [Dshield] fingerprinting servers before accepting

2004-12-01 Thread SM
Hi John, At 08:54 01-12-2004, John Hardin wrote: Interesting idea. It sounds a little heavy to be doing for every inbound message, though, and it assumes that you're letting fingerprinting traffic out of your network - I, for example, block all NetBIOS and similar ports at my boundary, so fingerpri

Re: [Dshield] fingerprinting servers before accepting

2004-12-01 Thread John Hardin
On Wed, 2004-12-01 at 09:05, Jason Philbrook wrote: > On Wed, Dec 01, 2004 at 08:54:00AM -0800, John Hardin wrote: > > However, this sounds like it might be useful in Spamassassin: attempt to > > contact the sender on port 25, and add a little to the spamminess score > > if the connection is refuse

Re: [Dshield] fingerprinting servers before accepting

2004-12-01 Thread Jason Philbrook
On Wed, Dec 01, 2004 at 08:54:00AM -0800, John Hardin wrote: > On Wed, 2004-12-01 at 03:30, Paul L Daniels wrote: > > An interesting idea was floated by my eyeballs recently for combatting > > invalid email (especially since zombie machines are now rather > > prevalent), what if you could fingerpr

Re: [Dshield] fingerprinting servers before accepting

2004-12-01 Thread John Hardin
On Wed, 2004-12-01 at 03:30, Paul L Daniels wrote: > An interesting idea was floated by my eyeballs recently for combatting > invalid email (especially since zombie machines are now rather > prevalent), what if you could fingerprint the sending server and > (say) deny all Win XP/95/98 machines fro