Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
From: Jeff Chan [mailto:[EMAIL PROTECTED]
There are lots of legitimate reasons to delegate zones, for example,
migration to a new nameserver. I suggest you ask someone who runs
major nameservers. I have.
This is a temporary solution. Later you
> -Original Message-
> From: Jeff Chan [mailto:[EMAIL PROTECTED]
> Sent: Saturday, January 26, 2008 4:33 PM
>
>
> There are lots of legitimate reasons to delegate zones, for example,
> migration to a new nameserver. I suggest you ask someone who runs
> major nameservers. I have.
This i
Quoting Jeff Chan <[EMAIL PROTECTED]>:
DNS works by delegation from parent zones to child zones.
Or more generally from one zone to another. DNS is built on
delegation. Some spammers abuse delegation in unusual ways, but not
all unusual delegation is abuse.
Jeff C.
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
-Original Message-
From: Jeff Chan [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 26, 2008 12:23 PM
Quoting Jeff Chan <[EMAIL PROTECTED]>:
> Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
>
>> The TLD root servers delegate the contr
> -Original Message-
> From: Jeff Chan [mailto:[EMAIL PROTECTED]
> Sent: Saturday, January 26, 2008 12:23 PM
>
> Quoting Jeff Chan <[EMAIL PROTECTED]>:
>
> > Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
> >
> >> The TLD root servers delegate the control of the II level domain to
> the
Quoting Jeff Chan <[EMAIL PROTECTED]>:
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
The TLD root servers delegate the control of the II level domain to the NS
servers defined at registration time. That is delegation. But from there,
warping the entire domain to different NSes is not delega
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
The TLD root servers delegate the control of the II level domain to the NS
servers defined at registration time. That is delegation. But from there,
warping the entire domain to different NSes is not delegation.
It is delegation.
Jeff C.
> -Original Message-
> From: Jeff Chan [mailto:[EMAIL PROTECTED]
> Sent: Saturday, January 26, 2008 8:39 AM
>
> Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
> >> From: Jeff Chan [mailto:[EMAIL PROTECTED]
>
> >> Yes, delegation is the other, more usual, way that the nameserver in
> >>
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
From: Jeff Chan [mailto:[EMAIL PROTECTED]
Yes, delegation is the other, more usual, way that the nameserver in
the whois and TLD root server may differ. Some spammers do make use
of a lot of delegation, more than usual and sometimes in long ch
> -Original Message-
> From: Jeff Chan [mailto:[EMAIL PROTECTED]
> Sent: Friday, January 25, 2008 5:51 PM
>
> Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
>
> > Please note that one generally can't issue a DNS request to a
> specific
> > server from SA, since its resolver engine only
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
Please note that one generally can't issue a DNS request to a specific
server from SA, since its resolver engine only uses the globally-defined DNS
server(s). Thereby, in the common case I should get the NSes published by
root servers, which shoul
> -Original Message-
> From: Matt Kettler [mailto:[EMAIL PROTECTED]
> Sent: Friday, January 25, 2008 3:07 PM
>
> Jeff Chan wrote:
> > Quoting Matt Kettler <[EMAIL PROTECTED]>:
> >
> >> Matt Kettler wrote:
> >>> Giampaolo Tomassoni wrote:
>
> It doesn't use whois *instead of* dns.
Giampaolo Tomassoni wrote:
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Friday, January 25, 2008 2:21 AM
Ahh, I see what you're doing, you're looking up the SOA. Which is
basically forcing the query down to the spammer's DNS server, and
opening yourself up
Jeff Chan wrote:
Quoting Matt Kettler <[EMAIL PROTECTED]>:
Matt Kettler wrote:
Giampaolo Tomassoni wrote:
It doesn't use whois *instead of* dns. It uses both and attempts
even to
detect any discrepancy between their responses.
Both types of queries can cause problems.
How are these goin
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Friday, January 25, 2008 11:25 AM
>
>
> > Giampaolo Tomassoni wrote:
> > > Well, I use and like URIBL_SBL, but please note that a centralized
> solution
> > > may easily be "fooled" the other way around, by g
> -Original Message-
> From: Jeff Chan [mailto:[EMAIL PROTECTED]
> Sent: Friday, January 25, 2008 9:37 AM
>
> Quoting Matt Kettler <[EMAIL PROTECTED]>:
>
> > Matt Kettler wrote:
> >> Giampaolo Tomassoni wrote:
> >>>
> >>> It doesn't use whois *instead of* dns. It uses both and attempts
>
> Giampaolo Tomassoni wrote:
> > Well, I use and like URIBL_SBL, but please note that a centralized solution
> > may easily be "fooled" the other way around, by giving it RRs which are not
> > the ones most people will see and will query for through the URIBL_SBL
> > itself. In order to do this sp
> -Original Message-
> From: Matt Kettler [mailto:[EMAIL PROTECTED]
> Sent: Friday, January 25, 2008 2:21 AM
>
> Matt Kettler wrote:
> > Giampaolo Tomassoni wrote:
> >>
> >> It doesn't use whois *instead of* dns. It uses both and attempts
> even to
> >> detect any discrepancy between their
Quoting Matt Kettler <[EMAIL PROTECTED]>:
Matt Kettler wrote:
Giampaolo Tomassoni wrote:
It doesn't use whois *instead of* dns. It uses both and attempts even to
detect any discrepancy between their responses.
Both types of queries can cause problems.
How are these going to be different??
Matt Kettler wrote:
Giampaolo Tomassoni wrote:
It doesn't use whois *instead of* dns. It uses both and attempts even to
detect any discrepancy between their responses.
How are these going to be different?? The information published to
whois has to match the information published to the auth
Giampaolo Tomassoni wrote:
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Thursday, January 24, 2008 6:38 AM
Giampaolo Tomassoni wrote:
Right, it is.
The URIWhois does not detect the registrar. It detects the name and
the
address of the DNS- an
John D. Hardin wrote:
On Thu, 24 Jan 2008, Jeff Chan wrote:
Quoting Matt Kettler <[EMAIL PROTECTED]>:
The only big difference I see at face value is it uses whois instead of
DNS to find the NS records.. that hardly seems efficient..
Whois is definitely the wrong protocol to us
On Thu, 24 Jan 2008, Jeff Chan wrote:
> Quoting Matt Kettler <[EMAIL PROTECTED]>:
>
> > The only big difference I see at face value is it uses whois instead of
> > DNS to find the NS records.. that hardly seems efficient..
>
> Whois is definitely the wrong protocol to use for automated
> testing
> -Original Message-
> From: Matt Kettler [mailto:[EMAIL PROTECTED]
> Sent: Thursday, January 24, 2008 6:38 AM
>
> Giampaolo Tomassoni wrote:
> >
> > Right, it is.
> >
> > The URIWhois does not detect the registrar. It detects the name and
> the
> > address of the DNS- and whois-defined NS
Quoting Matt Kettler <[EMAIL PROTECTED]>:
The only big difference I see at face value is it uses whois instead of
DNS to find the NS records.. that hardly seems efficient..
Whois is definitely the wrong protocol to use for automated testing,
especially for any high volumes. It was not desig
Giampaolo Tomassoni wrote:
Right, it is.
The URIWhois does not detect the registrar. It detects the name and the
address of the DNS- and whois-defined NSes for that domain.
So how is this substantially different from the URIDNSBL plugin that
comes with SA?
Bear in mind this plugin *DOES
> -Original Message-
> From: ram [mailto:[EMAIL PROTECTED]
> Sent: Monday, January 21, 2008 2:36 PM
>
> ...omissis...
> > Again, no registrar check, sorry. You could eventually use the:
> "uri_whois
> > nsname" or the "uri_whois nsaddr" tests to attempt catch these.
>
> I think I am missi
On Wed, 23 Jan 2008, ram wrote:
> > Allegedly 100% spam. Innocent until proven guilty, ect.
> >
> > NUCLEAR NAMES, INC.
>
> I would love to block all domains with these , but to think of it what
> is there to prevent them from getting themselves whitelisted by
> registering "good domains"
On Tue, 2008-01-22 at 11:34 -0500, Chris Santerre wrote:
> > As far as blacklisting entire registrars, can you
> > tell us any registrars that are 100% bad? I can't.
> >
> > Jeff C.
> >
>
> Allegedly 100% spam. Innocent until proven guilty, ect.
>
> NUCLEAR NAMES, INC.
> RED PILLAR
> As far as blacklisting entire registrars, can you
> tell us any registrars that are 100% bad? I can't.
>
> Jeff C.
>
Allegedly 100% spam. Innocent until proven guilty, ect.
NUCLEAR NAMES, INC.
RED PILLAR, INC.
MOUZZ INTERACTIVE INC.
NAMEVIEW, INC.
SOLID HUB, INC.
COMPANA, LLC
RED REGI
On Sat, 2008-01-19 at 13:38 +0100, Giampaolo Tomassoni wrote:
> > -Original Message-
> > From: ram [mailto:[EMAIL PROTECTED]
> > Sent: Saturday, January 19, 2008 11:47 AM
> >
> > I had read about the whois plugin into SA. But I cant seem to find it
> > now Can someone tell me how do I inst
From: "ram" <[EMAIL PROTECTED]>
Sent: Saturday, 2008, January 19 03:14
On Sat, 2008-01-19 at 04:51 -0600, Jeff Chan wrote:
Quoting ram <[EMAIL PROTECTED]>:
> I had read about the whois plugin into SA. But I cant seem to find it
> now Can someone tell me how do I install this
> I beleive that
> -Original Message-
> From: Giampaolo Tomassoni [mailto:[EMAIL PROTECTED]
> Sent: Saturday, January 19, 2008 1:38 PM
>
> ...omissis...
>
> In my own case, I see that the traffic of my MX servers is so low that
> no
> registrar banned my queries...
>
> However, most gTLD registries don't
> -Original Message-
> From: ram [mailto:[EMAIL PROTECTED]
> Sent: Saturday, January 19, 2008 11:47 AM
>
> I had read about the whois plugin into SA. But I cant seem to find it
> now Can someone tell me how do I install this
You can get a copy of the uriwhois plugin at:
http://ww
ram wrote:
> I hope this would change. Whois information must be standardized and
> must be available for automated queries
whois.rfc-ignorant.org lists at least 165 top-level domains that have no
whois server or provides incomplete data. This includes TLDs such
as .dk, .de and .eu.
/Per Jesse
On Sat, 2008-01-19 at 04:51 -0600, Jeff Chan wrote:
> Quoting ram <[EMAIL PROTECTED]>:
>
> > I had read about the whois plugin into SA. But I cant seem to find it
> > now Can someone tell me how do I install this
> > I beleive that could be a very effective idea to score on domain names
> > who ha
Quoting ram <[EMAIL PROTECTED]>:
I had read about the whois plugin into SA. But I cant seem to find it
now Can someone tell me how do I install this
I beleive that could be a very effective idea to score on domain names
who have bad registrars
Every hour hundreds of domains get registered pur
I had read about the whois plugin into SA. But I cant seem to find it
now Can someone tell me how do I install this
I beleive that could be a very effective idea to score on domain names
who have bad registrars
Every hour hundreds of domains get registered purely for the purpose of
spamming. T
38 matches
Mail list logo
