[SLL] collaborate on a dnsbl?

Thu May 12 22:17:06 PDT 2005

On Thu, May 12, 2005, Jeremy C. Reed wrote:

I set up my own rbl.  I pipe a spam to through a wrapper that, in turn,
gets sent to a certain user name which automatically includes that address
in the rbl (the rbl is on a remote box).

The address is entered into a hash db with the date and after 30 days, it
gets automatically removed.  The nice thing about it is that I can include
addresses pretty arbitrarily since they get dropped automatically.   This
is good because Windows users do figure out that their box is cracked in
less than 30 days.  It also has a whitehat list of its own, so if I try
to reject an address on the whitehat list, it doesn't make it to the rbl.

At one time, it parsed my mail log and any repeaters go incremented and
remained on the list, but that part is broken.  I need to re-write the
parser.

It's pretty slick, but I can't say that doing it alone is really cost
effective - but it does stop some repeat offenders, so it kills a few
and it *sure feels good.

My rbl file has a magic line, and anything above that line gest included
permanently.

I think this is the kind of system that's being suggested here.  If I
were to make the rbl public and send people my outgoing wrapper file, any
mail sent top a certain user on my system would automagicaly be entered.

> I continue to get virus and spams sent to my systems that aren't listed on
> the RBLs that I use. I also sometimes check a set of other RBLs and not
> listed.
> 
> What do you all use for easily submitting IPs to blacklists?
> 
> (I am scared to automate because I don't want to submit IPs from good mail
> servers that relay spam to me, such as my NetBSD, FreeBSD, SeaBUG admin
> and other accounts.)
> 
> Or would anyone be interested in starting another DNS-based realtime
> black list?
> 
> Today I want to block these new IPs:
> 
> 216.173.42.231
> 216.173.42.231
> 216.32.65.170
> 201.9.139.17
> 205.152.59.68
> 200.223.105.63
> 201.26.42.65
> 220.70.47.191
> 216.55.167.24
> 209.152.168.19
> 84.94.109.202
> 65.54.187.58 -- spam via hotmail, so probably shouldn't block this
> 213.228.0.62
> 194.85.123.64
> 194.85.123.64
> 222.145.82.226
> 59.32.250.179
> 217.12.10.182
> 196.47.2.58
> 84.129.188.159
> 218.208.229.196
> 81.101.65.25
> 222.104.247.124
> 201.14.44.5
> 
> I guess some of these could be in some DNSBLs by now.
> 
>  Jeremy C. Reed
> 
>  	  	 	 BSD News, BSD tutorials, BSD links
> 	  	 	 http://www.bsdnewsletter.com/
> 
----------------------------------------------------------------------
* Tom Redfern | Address: 23015 Edmonds Way Apt #A43 Edmonds WA 98020 *
*             | Email:      thos at fonebone.net                        *
*             | Phone:      425-778-5320                             * 
----------------------------------------------------------------------
Democracy:  A government of the masses.  Authority derived through mass
meeting or any other form of "direct" expression.  Results in mobocracy.
Attitude toward property is communistic-negating property rights.
Attitude toward law is that the will if the majority shall regulate.
Whether it is bases upon deliberation or governed by passion, prejudice,
and impulse, without restraint or regard to consequences.  Results in
demagogism, license, agitation, discontent, anarchy.
	US War Dept. Training Manual TM 2000-25 Isssued Nov. 30 1928