Hi!
How large will the list be, and can we, before proceeding with adding new lists, work on the combined list?
The list by nature will not be large. Most phishing attacks seem to use IP's of compromised machines or domain names which are shut down quite quickly. Our expiry policy is designed to keep it this way & to avoid FP's due to old records.
We're also hoping to develop a system for ISP's/netblock owners to close incidents once the attack has been mopped up.
If thats the case, and thats also what i notice on my end, isnt it a better way of using a list like DSBL for those ?
Or is blocking with URI effective on these kind of spams also ? Abviously it is, but just checking :)
Sounds ok to me to get the list going, but first i want to complete the previous steps.
I think the intention was for our data to be integrated directly into William's prior to arriving at nameservers, however Jeff is more likely to be able to confirm this :)
That would be perfect, saves the trouble of making a seperate list.
Would only be nice for example to give a specific code back, so people see what the hit triggered... But thats possible, we only need to reserve a code in that case.
Bye, Raymond.