On Tue, 11 Feb 2003, Rich Puhek wrote: > > > Malte S. Stretz wrote: > > On Tuesday 11 February 2003 18:51 CET Tony L. Svanstrom wrote: > > > >>[...] > >> When a domain is involved in spamming it's added to a list, and whenever > >>a local user is trying to access that website he gets a "hardcoded" > >>IP-address pointing to a server with a "This domain is not available due > >>to spamming"- page; and likewise with e-mails (bouncing with a "not > >>available due to spamming"-message). > >> > >> This would, of course, be used mainly by ISPs (or pretty much anyone > >>running a DNS-server); and there would be a lot of security/trust-stuff > >>involved.... but... ignoring that... what do you all think?= > > > > > > Here in Germany we've currenty got a BIG discussion about a similar topic: > > One state ordered some ISPs to block access to some Nazi sites [1]: > > | [...] The provider have been demanded to block their customers' access to > > | two right-wing extremists' web-sites being hosted in the USA. That does > > | not mean blocked access only, but blocked communication of any kind with > > | the people behind it as well - e-mails etc. shall be made impossible. > > | > > | At the moment, a pilot-project of a filter-system is being tested, which > > | will be used to block the access to questionable web-sites. Those websites > > | offer - according to German law - illegal content such as nazi-propaganda > > | and are proved to endanger children and the youth. But: the blocking > > | measurement also includes access to any web-site complying with these > > | premises, no matter where it is hosted. [...] > > > > Leaving out the legal aspects, this just won't work technically. You'll have > > the same problems as with RBLs: Loads of collateral damage. > >
I've gotta agree w/ Malte for the most part. However, I see a larger problem in using DNS to do your work. If some product began blocking URL's based on domain names and DNS, and reached anywhere near the popularity of SpamAssassin, spammers will start to modify their tactics, and simply use IP's, and/or IP/port combo's. If you're going to devote time to a project meant to block requests for URL's in spam, especially if it's targetted at ISP's, a transparent content filtering box would be much more appropriately suited. There's a lot of expensive ones out there, but it is definately pooible to build your own. This would allow you to maintain a simple list of domains, as you suggested, as well as IP's, and IP/port combo's, or full URL's, or protocol analysis for anything, and even spamassassin-like heuristics run over all requests or results to determine whether they should recieve the page or not. It'd also allow you to tie in RADIUS info from the ISP, or custom IP databases, or whatever, to determine what customers have filtering applied to their traffic (instead of tainting dns for everyone using your dns server). Personally, I never want to be kept from accessing anything. But it does make loads of sence for some situations (libraries, schools, companies, christian/religious isp's, government offices, access for children, etc). Just somethign to think about before ya start. -- Josh I. ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
