Announce

announce@lists.surbl.org

183 discussions

[SURBL-Announce] ANNOUNCE: How to report false positives in ob.surbl.org to OutBlaze
by Jeff Chan 26 Jul '04

26 Jul '04

We've updated the SURBL Lists document to add information about how to contact OutBlaze with reports about false positives in ob.surbl.org: http://www.surbl.org/lists.html "Please report false positives found in the ob list to postmaster at outblaze dot com. Be sure to include a supporting email explaining why the domain should not be listed." Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

[SURBL-Announce] ANNOUNCE: lists.surbl.org added MXer: vmx03.prolocation.net
by Jeff Chan 18 Jul '04

18 Jul '04

We've added another round robin primary MXer for lists.surbl.org, where the SURBL mailing lists are coming from: vmx03.prolocation.net In case anyone is somehow authenticating sending servers, you may need to add this new server to any mail server whitelists, etc. The prolocation addresses and servers are generally not on RBLs, but it has been mentioned that some of their IPs may be listed in SPEWs (which is being checked and corrected if so). We mention this mainly because some people have gotten bounce (delivery failure) notifications from our Mailman (mailing list manager program) lately, and had their mail automatically disabled. To re-enable it, follow the instructions in the notification or visit the lists web site: http://lists.surbl.org/ This could also perhaps have been caused an intermittent problem while the new MXer was propagating in the DNS. lists.surbl.org preference = 10, mail exchanger = vmx01.prolocation.net lists.surbl.org preference = 10, mail exchanger = vmx02.prolocation.net lists.surbl.org preference = 10, mail exchanger = vmx03.prolocation.net lists.surbl.org preference = 100, mail exchanger = mx03.prolocation.net lists.surbl.org preference = 200, mail exchanger = mx01.prolocation.net lists.surbl.org preference = 300, mail exchanger = mx02.prolocation.net lists.surbl.org preference = 500, mail exchanger = mx04.prolocation.net vmx01.prolocation.net internet address = 212.127.254.132 vmx02.prolocation.net internet address = 212.127.254.133 vmx03.prolocation.net internet address = 81.23.230.33 mx03.prolocation.net internet address = 194.171.240.23 mx01.prolocation.net 213.73.255.243 mx02.prolocation.net 213.197.29.6 mx04.prolocation.net 213.206.89.181 Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

Welcoming another new public name server
by Jeff Chan 03 Jul '04

03 Jul '04

We'd like to welcome and thank another new public name server administered by: Lindsay Snider of pa.net Without the help of all of our public nameservers and their administrators, SURBLs would not be possible. Thanks all! Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

Welcoming a new public name server
by Jeff Chan 02 Jul '04

02 Jul '04

We'd like to welcome and thank a new public name server administered by: Mike Atkinson of kconline.com Without the help of all of our public nameservers and their administrators, SURBLs would not be possible. Thanks Mike, kconline and all! If anyone else would like to provide DNS for SURBLs to the Internet community, please contact us at rsync at surbl.org. :-) Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

[SURBL-Announce] ANNOUNCE: New whitelist source: public companies' domains
by Jeff Chan 01 Jul '04

01 Jul '04

I've added a new whitelist source: domains of publically-traded companies listed at dmoz and Google: http://www.dmoz.org/Business/Major_Companies/Publicly_Traded/ http://directory.google.com/Top/Business/Major_Companies/Publicly_Traded/ (Public listing in this context means companies that can sell stock on U.S. exchanges. It includes mostly U.S. and some foreign companies, from large to small.) Each yields lists of about 4300 or so of mostly the same domains which are now all excluded from SURBLs. Here are the extracted dmoz and Google public company domain lists: http://spamcheck.freeapp.net/whitelists/public-companies-domains.dmoz.sort http://spamcheck.freeapp.net/whitelists/public-companies-domains.google.sort The scripts which produce these are at: http://spamcheck.freeapp.net/whitelists/public-companies/grab-dmoz http://spamcheck.freeapp.net/whitelists/public-companies/grab-google They're called from a cron job nightly to help keep the lists up to date. These new whitelists hit only a few production SURBL domains (at 14 out of about 40k records): autoweb.com cott.com egreetings.com fs.com infousa.com insweb.com ivillage.com learningtree.com mediabay.com net.com netcreations.com nutrisystem.com scholastic.com spss.com Interestingly, the 6dos data in ds.surbl.org hit a mostly different set: alloy.com befree.com commtouch.com digitalimpact.com doubleclick.com elsitio.com euniverse.com harrisinteractive.com herbalife.com infousa.com lifeminders.com mediaplex.com ncen.com netcreations.com netiq.com networkcommerce.com pcmall.com real.com uslec.com But the hits against 6dos are also few (at 19 out of about 87k records). Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

ANNOUNCE: New SURBL lists: ob, ab, multi
by Jeff Chan 30 Jun '04

30 Jun '04

We are pleased to announce the availability of three new SURBL lists: ob.surbl.org - OutBlaze spamvertised sites ab.surbl.org - AbuseButler spamvertised sites multi.surbl.org - Combined SURBL list ob is a large list of about 20k spamvertised sites kindly provided by OutBlaze and based on data found in their spam traps. ob has a strong spam detection rate of around 70% and a low false positive rate around 0.1%. Only domains that have been registered within the past 90 days are included in ob.surbl.org and this "newness" requirement is probably one of the reasons for the low FP rate, given how quickly spammers use and must discard domains for their web sites. ab is a smaller list of the top 425 or so spamvertised sites over the past 7 days kindly provided by AbuseButler: http://spamvertised.abusebutler.com/ AbuseButler's data sources include SpamCop and native reports. In general philosophy and data processing styles, ab.surbl.org is similar to my own sc.surbl.org which is also based on SpamCop data, and the results of both lists are similar, but not identical. multi is a bitmask-combined version of all of the other lists plus an anti-phishing list provided by Mail Security: http://www.mailsecurity.net.au/ The latter is identified as "ph" and it is not available as a separate list as its size probably does not justify the resources of its own zone file, etc. However the data in ph is important since it represents sites likely to be criminally phishing for personal and financial information. Because list membership in multi.surbl.org is encoded in a bitmasked fashion, results from multi need to be decoded into their constituent lists by programs such as urirhssub in SpamAssassin 3.X. Support for this decoding may be back-ported into the SpamAssassin 2.63 program for using SURBLs, SpamCopURI. We expect that multi.surbl.org will become the list of choice for SURBL use going forward, due to the convenience of getting all list data in a single list, only needing to cache a single zone file, etc. More information about the all SURBL lists can be found at: http://www.surbl.org/lists.html Please feel free to ask questions or leave comments about SURBLs on our discussion list at: http://lists.surbl.org/mailman/listinfo/discuss Please let us know about any false positives at: whitelist at surbl dot org Cheers, Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

[SURBL-Announce] ANNOUNCE: be.surbl.org deprecated, please use ws.surbl.org instead
by Jeff Chan 30 Jun '04

30 Jun '04

As part of an ongoing effort to consolidate spam message body URIs that were in sa-blacklist and BigEvil and MidEvil SpamAssassin rulesets, we have frozen be.surbl.org and merged its records into ws.surbl.org. Eventually the contents of be.surbl.org (and the list itself) may go away, so we ask that anyone using: be.surbl.org switch to: ws.surbl.org instead. ws.surbl.org, in addition to getting the old be.surbl.org data and Bill Stearns' locally found data is also receiving spam URI domains from Chris Santerre and others. ws.surbl.org is becoming a collection point for those anti-spam efforts. For those who wish to continue using SpamAssassin ruleset versions, Chris Santerre and the SARE Ninjas will let us know about future versions of BigEvil.cf and a successor wildcarded ruleset for use with SpamAssassin. (Chris, when you announce, please be sure to mention the relationships between the SURBL and ruleset versions of things so folks don't end up using both versions of the same data.) For those looking for more efficient use of the sa-blacklist and old BigEvil and MidEvil rulesets, the SURBL version of most of their domains: ws.surbl.org may be a good solution. Using this data as SURBLs greatly reduces the server memory footprint over the ruleset versions, for example. That can make the data more practical to use on smaller computers, or generally make more efficient use of system resources on larger, busier servers. Using DNS for distributing the data, however, SURBLs do require network access. For a relatively few situations, this may be an issue. More information about SURBLs can be found at: http://www.surbl.org/ Please feel free to ask questions or leave comments about SURBLs on our discussion list at: http://lists.surbl.org/mailman/listinfo/discuss Please let us know about any false positives at: whitelist at surbl dot org Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

[SURBL-Announce] Welcoming three public name servers, checking with others, lists
by Jeff Chan 16 Jun '04

16 Jun '04

We'd like to welcome and thank three new public name servers administered by: Jake Zack of avalonworks.com Tony Copeland of uncw.edu Joe Boyce of shasta.com I think some other people may have offered to serve up the SURBL zones publically, and any help spreading the load around further will be appreciated. It looks like use of SURBLs could take off especially as SpamAssassin 3.0 has built in support for them using urirhsbl. If anyone else would like to serve zones publically, please contact Raymond and I at rsync at surbl.org . I should mention that we are now adding a zone with about 40k entries, ob.surbl.org, and we will also ask to serve a combined list multi.surbl.org soon. Multi will have the same number of entries as the largest list. Currently that's ws.surbl.org with under 20k entries, but multi will go to 40k when we add in ob in. sc.surbl.org remains at around 500 entries but could change when I get around to working on the new data engine. We will try to deprecate be.surbl.org since its domains are now in ws. We're still working out the details of what happens to be after that happens. More information on the lists can be found at: http://www.surbl.org/lists.html though I have not documented ob there yet. We are also looking into some other potential spam URI data sources such as proxypots, etc.: http://proxypot.org/ Cheers, Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

ANNOUNCE: Brief SURBL maintenance outage
by Jeff Chan 13 Jun '04

13 Jun '04

The SURBL web site may be offline for a couple hours during the window from 23:30 to 02:30 U.S. Central time 12 June 2004 while the hosting provider upgrades their power equipment. SURBLs will continue to operate normally using the existing zone files, though updates may be delayed for an hour or two. Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

[SURBL-Announce] ANNOUNCE: How to set up rbldnsd with BIND under FreeBSD
by Jeff Chan 26 May '04

26 May '04

I've added my notes to the site on how to locally mirror RBL zone files using rbldnsd with BIND on FreeBSD: http://www.surbl.org/rbldnsd-bind-freebsd.html Feel free to send me any corrections, updates, suggestions, questions, etc. Jeff C. -- Jeff Chan mailto:jeffc@surbl.org http://www.surbl.org/

1 0

← Newer
1
...
12
13
14
15
16
17
18
19
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Announce