Michele Neylon:: Blacknight.ie wrote:
Jeff Chan wrote:
IIRC someone wrote one for Firefox, but it was implemented brokenly. I think a browser plug in is a great idea, but I'd be a little concerned about the new DNS queries it would generate.
How does anyone else feel, particularly operators of our public nameservers?
What would be the goal of a browser plugin?
To warn the browser's user (me, ATM) that the site they are visiting is spamvertised and/or a reported phishing site. Useful for those who do not have control over their mail server, especially if they're using webmail.
Also a proof-of-concept of the "right way" to implement a phishing blacklist -- without sacrificing user privacy.
Matthew.van.Eerde@hbinc.com wrote:
To warn the browser's user (me, ATM) that the site they are visiting is spamvertised and/or a reported phishing site. Useful for those who do not have control over their mail server, especially if they're using webmail.
Also a proof-of-concept of the "right way" to implement a phishing blacklist -- without sacrificing user privacy.
Wanring an end user that the site is spamvertised may appeal to some people, but I can't really see much benefit to users in general.
As for phishing sites... That might be worth exploring, but is SURBL data the best way of handling this?
On Monday, February 13, 2006, 1:45:13 PM, Michele Blacknight.ie wrote:
Matthew.van.Eerde@hbinc.com wrote:
To warn the browser's user (me, ATM) that the site they are visiting is spamvertised and/or a reported phishing site. Useful for those who do not have control over their mail server, especially if they're using webmail.
Also a proof-of-concept of the "right way" to implement a phishing blacklist -- without sacrificing user privacy.
Wanring an end user that the site is spamvertised may appeal to some people, but I can't really see much benefit to users in general.
Given that some spamvertised sites probably have virus and trojan horse loaders, it could be useful. Also many people would probably prefer not to support spammers.
As for phishing sites... That might be worth exploring, but is SURBL data the best way of handling this?
It's one way. It may not be the best and it's certainly not the only way. OTOH DNSBLs already exist and are a somewhat reasonable way to get data out.
Jeff C. -- Don't harm innocent bystanders.
Jeff Chan a écrit :
Given that some spamvertised sites probably have virus and trojan horse loaders, it could be useful. Also many people would probably prefer not to support spammers.
another nice thing would be to have this for squid. I see something like "The page you are trying to visit is this and that. are you sure?" (with a link to still be able to visit the final site if the user feels safe:).
anyone looked at this?
mouss wrote:
Jeff Chan a écrit :
Given that some spamvertised sites probably have virus and trojan horse loaders, it could be useful. Also many people would probably prefer not to support spammers.
another nice thing would be to have this for squid. I see something like "The page you are trying to visit is this and that. are you sure?" (with a link to still be able to visit the final site if the user feels safe:).
anyone looked at this?
That would be really useful
On Tuesday, February 14, 2006, 11:32:28 AM, mouss mouss wrote:
Jeff Chan a écrit :
Given that some spamvertised sites probably have virus and trojan horse loaders, it could be useful. Also many people would probably prefer not to support spammers.
another nice thing would be to have this for squid. I see something like "The page you are trying to visit is this and that. are you sure?" (with a link to still be able to visit the final site if the user feels safe:).
anyone looked at this?
IIRC It's come up on this list before.
Raymond wrote June 2004:
I couldn't find any way of using a dns blacklist such as sc.surbl.org as a squid acl, has anyone done this?
This is pretty simple, you can stip all the domains, and you can feed them directly in a ACL for Squid. Nice idea btw.
Bye, Raymond.
July 2004 Bill Stearns wrote:
What's the problem with using a proxy? I have instructions athttp://www.stearns.org/sa-blacklist/ on how to use the sa-blacklist (the data underlying ws.surbl.org) in both squid and privoxy, using those proxies to block web access to the spammer web sites. Squid, at least, is available on both unix and windows (see http://www.cygwin.com).
Joe wrote in September 2004:
I've just adapted an old script I use with squid to remove unwanted ads to use surbl...
This works as a redirector - this means, each time someone ask for an url matching surbl database, squid will redirect the query to a locally saved web page - e.g. a web page showing the site policy or a simple error message.
For the while, this is a very draft script, but it works fine.
I'll surely improve it and maybe write a C version which shall be much faster for huge domains.
You can get it at :
http://j-chkmail.ensmp.fr/surbl/squid-surbl-itAll feedback is welcome.
Best
Jose-Marcio
There have also been references to Squidguard:
which may be a possible starting point.
I'd still be concerned about the impact of widespread proxy usage on the queries into our nameservers. Caching could help somewhat.
Taking a step back this is somewhat of a misuse of the tool since SURBLs mainly have lists of domains advertised in spams, and the intended use of the data is to identify future spams based on that information. So they're meant to identify spams, not block access to web sites.
Jeff C. -- Don't harm innocent bystanders.
Hi!
How does anyone else feel, particularly operators of our public nameservers?
What would be the goal of a browser plugin?
To warn the browser's user (me, ATM) that the site they are visiting is spamvertised and/or a reported phishing site. Useful for those who do not have control over their mail server, especially if they're using webmail.
Any idea waht this would do to the nameservers we are running, checking each and every URI a user visits? Rather usefull but also rather silly. There are vendors allready doing this, they are free to use the plugin, but please dont use the public infrastructure for this goal. Or are you somehow distributing the data together with the plugin, dont think so?
Thanks, Raymond.
-
Jeff Chan -
Matthew.van.Eerde@hbinc.com -
Michele Neylon:: Blacknight.ie -
mouss -
Raymond Dijkxhoorn