[SURBL-Discuss] Proposal to add some anti-phishing data to SURBL

Raymond Dijkxhoorn raymond at prolocation.net
Tue May 4 12:03:11 CEST 2004


Hi!

> > How large will the list be, and can we, before proceeding with adding new
> > lists, work on the combined list?

> The list by nature will not be large.  Most phishing attacks seem to use
> IP's of compromised machines or domain names which are shut down quite
> quickly.  Our expiry policy is designed to keep it this way & to avoid FP's
> due to old records.
> 
> We're also hoping to develop a system for ISP's/netblock owners to close
> incidents once the attack has been mopped up.

If thats the case, and thats also what i notice on my end, isnt it a 
better way of using a list like DSBL for those ? 

Or is blocking with URI effective on these kind of spams also ? 
Abviously it is, but just checking :) 

> > Sounds ok to me to get the list going, but first i want to complete the
> > previous steps.
>
> I think the intention was for our data to be integrated directly into
> William's prior to arriving at nameservers, however Jeff is more likely to
> be able to confirm this :)

That would be perfect, saves the trouble of making a seperate list. 

Would only be nice for example to give a specific code back, so people see 
what the hit triggered... But thats possible, we only need to reserve a 
code in that case.

Bye,
Raymond.



More information about the Discuss mailing list