On 2024-01-19 12:42, Randolf Richardson, Postmaster via mailop wrote:
On 2024-01-19 06:47, Atro Tossavainen via mailop wrote:
On Fri, Jan 19, 2024 at 03:31:19PM +0100, hg user wrote:
Ok sorry not "most" but "some may"...
My checkpoint rep said that they get their reputation lists from other
companies... is it wrong ?
It's possible that Check Point are just an aggregator and don't actually
have first-hand data. But I don't think of Check Point when somebody
says DNSBL, which may be my own failure :-D
As far as I've been able to tell, Spamhaus, SURBL, Abusix, SpamCop,
SORBS, UCEProtect, PSBL at least all have their own data, I would
even go so far as to guess "exclusively".
You didn't accidentally ignore "SpamRats" did you? ;) But we do have
'some' reports of aggregators querying our data.. And of course there
are licensed users of our data. And there are some that 'white label'
the rejection, as if it is their own data..
But in general, there isn't much 'sharing' of data, some consolidation
of data from various sources.
For the REALLY bad guys though, it would be nice if there was more
sharing of data.. Or maybe an industry 'do not route' that all RBL
providers can include.
Spamhaus makes the DROP data available (which I believe is also
included in their SBL), which is useful for using firewalls to just
block or ignore connections from the worst offenders:
DROP Advisory Null List :: The Spamhaus Don't Route Or Peer
Lists
https://www.spamhaus.org/drop/
UCE Protect also has level 3 listings for the worst offenders,
although I don't recall the list being downloadable for firewall use:
UCEPROTECT Blacklist Policy LEVEL 3
https://www.uceprotect.net/en/index.php?m=3&s=5
The problem with all DNSBL providers including the same data from
one source is that errors can unfairly penalize with major impact
that DNSBL operators generally try to prevent.
A great believer in sharing, but we do all have to pay the bills.
The entire open source software movement is probably one of the very
best examples of altruistic sharing. Supporting people who create
useful open source solutions and/or contribute to open source deserve
financial support so they can more easily pay their bills too. :)
Well, technically UCEPROTECT-3 is not really a DROP list. And of
course, every RBL provider uses different logic to determine what is a
DROP list.
What would be nice, is to be able to have a single system, that takes in
data from say SpamHuas DROP lists, as well as others like our own
RATS-NULL list, and create a publicly accessible DROP list compiled by
the evidence of multiple providers.
With no single entity setting the reputation, and with public evidence,
it would make it a lot easier for the internet as a whole to trust this
data, and separate the bad operators from the internet as a whole.
Most of us in the industry know the real bad actors, bulletproof
hosters, hacker havens etc.. but it is a shame that everyone as a whole
is not protected from them.
A common source of reputation, something that say every Linux, Apple,
and Windows system could trust and enable by default at the network
layer.. Just not sure how to realistically make that happen, or how
those dedicated to the data intelligence and gathering could maintain
viability (eg, who pays for that work to continue).
Without eating your own lunch.
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Reg. TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
