From jm@jmason.org Mon Nov 1 23:12:58 2004 From: jm@jmason.org To: discuss@lists.surbl.org Subject: Re: [SURBL-Discuss] Nice URIDNSBL functionality Date: Mon, 01 Nov 2004 14:12:26 -0800 Message-ID: <20041101221226.D1901590031@radish.jmason.org> In-Reply-To: <03bd01c4c05c$460dcbd0$bfc8a8c0@iis.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3023170059483124338==" --===============3023170059483124338== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Fred writes: > Jeff Chan wrote: > > It may be worth pointing out that uridnsbl does not look up the > > IP address of the URI against RBLs, but the IP address of the > > URI domain's *name server*. It's not the same thing as checking > > the web server against an RBL, but looking up name servers is > > quite effective if the RBL contains some addresses of spammer > > name servers, as sbl.spamhaus.org definitely does. > > I just have to say THANK YOU BILL! I sat down today to accomplish exactly > this, I thought I had an original idea but it looks like you beat me to it. > I posted in Bugzilla few days ago to the SA devs that we need this > functionality. > > I just wanted to querry the websites NS server to see if it's listed in > SBL-XBL because 9 times out of 10 when I go to report a domain to WS, it's > almost always listed in SBL-XBL. > > How hard would it be to querry the A record for the domain as well? hi guys -- the difficulty with the latter is that it's trivial to avoid. a spammer can do spam! and just ensure that "49583495849skjldkjfsdio7345809.domain.com" has an A record, and that "www.domain.com" and "domain.com" do not, and their spam gets past. However no domain can avoid having an NS record for "domain.com". - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Exmh CVS iD8DBQFBhrTKMJF5cimLx9ARAgTKAKCHshKSWEEy8ePlIhW8uZ1w8dfILgCghKDk rANKXcJbiZzXv9DQjn5RPzM= =C3AO -----END PGP SIGNATURE----- --===============3023170059483124338==--