On Fri, 2012-11-23 at 02:25 +, Chih-Cherng wrote:
> Martin Gregorie gregorie.org> writes:
>
> >
> > On Tue, 2012-11-20 at 01:26 +, Chih-Cherng wrote:
> >
> > > Notification help raise victims' security
> > > awareness, and motivate them to fix vulnerabilites within their computers.
> >
Martin Gregorie gregorie.org> writes:
>
> On Tue, 2012-11-20 at 01:26 +, Chih-Cherng wrote:
>
> > Notification help raise victims' security
> > awareness, and motivate them to fix vulnerabilites within their computers.
> >
> I have my doubts about this. I have friends who help at retiree'
> It would likely be a good idea to block IP's in this list from using
> authenticated SMTP to relay not?
Definitely not. We did so one week for testing. And had a lot of trouble with
customers espacially using mobile/smartphones.
Don't do this. This rbl does only make sense if you have diff
On 11/21/2012 01:44 AM, Matt wrote:
Spamhaus already do this. It's called the Exploits Block List (XBL):
http://www.spamhaus.org/xbl/
To quote:
The Spamhaus Exploits Block List (XBL) is a realtime database of IP
addresses of hijacked PCs infected by illegal 3rd party exploits, including
open p
At 16:44 20-11-2012, Matt wrote:
authenticated SMTP to relay not? Is there a way in apache .htaccess
to block access based on xbl.spamhaus.org? I want to block exploited
IP's from webmail etc as well.
http://www.lucaercoli.it/mod_spamhaus.html
Regards,
-sm
> Spamhaus already do this. It's called the Exploits Block List (XBL):
>
> http://www.spamhaus.org/xbl/
>
> To quote:
>
> The Spamhaus Exploits Block List (XBL) is a realtime database of IP
> addresses of hijacked PCs infected by illegal 3rd party exploits, including
> open proxies (HTTP, socks, An
On 11/20/12 4:51 PM, Dave Warren wrote:
Don't get me wrong, outbound spam filtering is a great idea, but it
should be done by the MSA, not at the ISP level as ISPs have no clue
as to what type of activity is legitimate or not for a particular user.
On 20/11/12 20:26, Cathryn Mataga wrote:
Easy enough to block #25 by default -- turn it on for anyone who asks.
Indeed.
I think the idea of a botnet black hole list is great, really.
Spamhaus already do this. It's called the Exploits Block List (XBL):
http://www.spamhaus.org/xbl/
To quo
On 11/20/2012 07:17, David F. Skoll wrote:
Would you approve of a Ralph Nader-like approach of suing Microsoft
for knowingly producing defective and insecure software? Detroit was
shamed, bullied and sued into improving the safety of its cars; do you
think that could work with Microsoft?
Given
On 11/20/2012 04:29, Jason Ede wrote:
However, ISP's blocking smtp ports for suspected spammers would help... Ideally
they'd block all traffic on port 25 or 587 not sent through their SMTP engine
which would do some basic spam checks...
Please don't ever suggest blocking port 587. Using port
On 11/20/2012 4:29 AM, Jason Ede wrote:
However, ISP's blocking smtp ports for suspected spammers would help... Ideally
they'd block all traffic on port 25 or 587 not sent through their SMTP engine
which would do some basic spam checks...
Easy enough to block #25 by default -- turn it on for
On 11/20/2012 12:37 PM, David F. Skoll wrote:
Ignorance is no defence, at least in the UK.
In Canada, ignorance of the law is no defence, but ignorance of the
facts is. In other words, if you're completely ignorant of the fact
that your computer is a botnet member, it could be a defence.
I woul
On Tue, 20 Nov 2012, Robert A. Ober wrote:
On 11/20/12 6:29 AM, Jason Ede wrote:
However, ISP's blocking smtp ports for suspected spammers would help...
Ideally they'd block all traffic on port 25 or 587 not sent through their
SMTP engine which would do some basic spam checks...
___
On Tue, 20 Nov 2012 17:09:27 +
Ned Slider wrote:
> >> Personally I'd like to see some large corporates go after some
> >> infected home users in the courts for wilful damage.
> > I think they'd lose. Most home users could make a compelling case
> > that they were unaware of the infection an
On 20/11/12 15:17, David F. Skoll wrote:
On Tue, 20 Nov 2012 15:10:57 +
Ned Slider wrote:
Personally I'd like to see some large corporates go after some
infected home users in the courts for wilful damage.
I think they'd lose. Most home users could make a compelling case
that they were
On Tue, 2012-11-20 at 10:14 -0600, Robert A. Ober wrote:
> Which might block my legitimate server and some of my clients who are on
> Comcast Business. This has been brought up frequently but is a bad
> idea. Too often folks in larger organizations forget about us little guys.
>
So you think
On 11/20/12 6:29 AM, Jason Ede wrote:
However, ISP's blocking smtp ports for suspected spammers would help... Ideally
they'd block all traffic on port 25 or 587 not sent through their SMTP engine
which would do some basic spam checks...
Which might block
On Tue, 20 Nov 2012 15:10:57 +
Ned Slider wrote:
> Personally I'd like to see some large corporates go after some
> infected home users in the courts for wilful damage.
I think they'd lose. Most home users could make a compelling case
that they were unaware of the infection and lacked the t
On 20/11/12 14:30, David F. Skoll wrote:
On Tue, 20 Nov 2012 14:26:49 +
Martin Gregorie wrote:
Nah, prevent all connections except HTML and SMTP/POP3 to the ISPs
help desk and set of 'clean your act up' pages, so they can't ignore
the mess their computer is in.
And have escalating charge
On Tue, 20 Nov 2012 14:26:49 +
Martin Gregorie wrote:
> Nah, prevent all connections except HTML and SMTP/POP3 to the ISPs
> help desk and set of 'clean your act up' pages, so they can't ignore
> the mess their computer is in.
And have escalating charges for reinstating Internet access after
On Tue, 2012-11-20 at 12:29 +, Jason Ede wrote:
> However, ISP's blocking smtp ports for suspected spammers would
> help... Ideally they'd block all traffic on port 25 or 587 not sent
> through their SMTP engine which would do some basic spam checks...
>
Nah, prevent all connections except HTM
Message-
>> From: Martin Gregorie [mailto:mar...@gregorie.org]
>> Sent: 20 November 2012 11:29
>> To: users@spamassassin.apache.org
>> Subject: Re: How to report a spam botnet
>>
>> On Tue, 2012-11-20 at 01:26 +, Chih-Cherng wrote:
>>
>>> No
On Tue, 20 Nov 2012 12:29:00 +
Jason Ede wrote:
> However, ISP's blocking smtp ports for suspected spammers would
> help... Ideally they'd block all traffic on port 25 or 587 not sent
> through their SMTP engine which would do some basic spam checks...
They shouldn't (and typically don't) bl
.org]
> Sent: 20 November 2012 11:29
> To: users@spamassassin.apache.org
> Subject: Re: How to report a spam botnet
>
> On Tue, 2012-11-20 at 01:26 +, Chih-Cherng wrote:
>
> > Notification help raise victims' security awareness, and motivate them
> > to fix vul
On Tue, 2012-11-20 at 01:26 +, Chih-Cherng wrote:
> Notification help raise victims' security
> awareness, and motivate them to fix vulnerabilites within their computers.
>
I have my doubts about this. I have friends who help at retiree's
computer clubs and with disinfecting their friend's c
Michael Monnerie is.it-management.at> writes:
>
> [crosspost postfix-users and spamassassin-users]
>
> Am Sonntag, 18. November 2012, 14:08:08 schrieb Michael Monnerie:
> > How should we report those IPs, is there a "anti botnet unit"
> > somewhere?
>
> Lets concentrate back on the subject, I
On 19/11/12 06:18, Michael Monnerie wrote:
[crosspost postfix-users and spamassassin-users]
Am Sonntag, 18. November 2012, 14:08:08 schrieb Michael Monnerie:
How should we report those IPs, is there a "anti botnet unit"
somewhere?
Lets concentrate back on the subject, I got this answer:
nor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
We are probably a little bit off topic here but it is an interesting
subject.
My experience is that reporting a suspected bot is only effective if the
receiver is a larger university or similair institution.
If some RBL provider wants to accept my li
Michael Monnerie wrote:
>> > normally it makes no sense to report botnets
>>
>> And this is what makes me worry. Botnets are todays biggest source of
>> spam, and nobody has ever started to fight it really? There are tons of
>> tools for every small issue, but nothing to cope with the biggest shi
Am 19.11.2012 07:18, schrieb Michael Monnerie:
> [crosspost postfix-users and spamassassin-users]
>
> Am Sonntag, 18. November 2012, 14:08:08 schrieb Michael Monnerie:
>> How should we report those IPs, is there a "anti botnet unit"
>> somewhere?
>
> Lets concentrate back on the subject, I got t
On 11/19/2012 07:18 AM, Michael Monnerie wrote:
[crosspost postfix-users and spamassassin-users]
Am Sonntag, 18. November 2012, 14:08:08 schrieb Michael Monnerie:
How should we report those IPs, is there a "anti botnet unit"
somewhere?
Lets concentrate back on the subject, I got this answer:
[crosspost postfix-users and spamassassin-users]
Am Sonntag, 18. November 2012, 14:08:08 schrieb Michael Monnerie:
> How should we report those IPs, is there a "anti botnet unit"
> somewhere?
Lets concentrate back on the subject, I got this answer:
> normally it makes no sense to report botnets
Am 18.11.2012 19:35, schrieb Robert Schetterer:
> Am 18.11.2012 14:08, schrieb Michael Monnerie:
>> We've got one users e-mail password hacked, and at the sime time a lot
>> of different IPs started to use that address. Here is the list. How
>> should we report those IPs, is there a "anti botnet
Am 18.11.2012 14:08, schrieb Michael Monnerie:
> We've got one users e-mail password hacked, and at the sime time a lot
> of different IPs started to use that address. Here is the list. How
> should we report those IPs, is there a "anti botnet unit" somewhere?
> What is the best way to fight it?
We've got one users e-mail password hacked, and at the sime time a lot
of different IPs started to use that address. Here is the list. How
should we report those IPs, is there a "anti botnet unit" somewhere?
What is the best way to fight it?
008.021.006.226
014.139.187.017
014.149.118.062
014.1
35 matches
Mail list logo
