RE: Temporary 'Replacements' for SaneSecurity

2009-01-15 Thread Rasmus Haslund
SM wrote: Botnet Plugin sounds like a plugin that detect botnets ... If Rasmus is finding that many false positives, then he's using the wrong tools. Well I am not using the botnet plugin because I am not sure how to implement it with the SA engine running in Icewarp Merak. Anyway we do

Re: Temporary 'Replacements' for SaneSecurity

2009-01-15 Thread Bret Miller
On 1/15/2009 1:36 AM, Rasmus Haslund wrote: SM wrote: "Botnet Plugin" sounds like a plugin that detect botnets ... If Rasmus is finding that many false positives, then he's using the wrong tools. Well I am not using the botnet plugin because I am not sure how to implement

RE: Temporary 'Replacements' for SaneSecurity

2009-01-15 Thread SM
At 01:36 15-01-2009, Rasmus Haslund wrote: implement it with the SA engine running in Icewarp Merak. Anyway we do have a lot of problems with FP when we try out new things and I just have to say some things just do not work well on a large scale where you have to deal with all kinds of

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Paul Griffith
On Tue, 13 Jan 2009 05:28:42 -0500, si g_b...@yahoo.co.uk wrote: Guys, I'm sure you're as sad as I am re- temporary suspension of the brilliant services offered by Steve Basford and his helpers at Sane Security. In a sick kind of way, the 'bad guys' are acknowledging the work these guys

RE: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Rasmus Haslund
After a loud outcry from our users from the increasing level of spam in their inboxes, I installed the Botnet Plugin. Is this something that can be used with the SA in Icewarp Merak? NOWACO A/S Rasmus Haslund

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread si
shape, but we certainly notice that the Sane Security stuff isn't there any more.   Mup. --- On Wed, 14/1/09, John Rudd jr...@ucsc.edu wrote: From: John Rudd jr...@ucsc.edu Subject: Re: Temporary 'Replacements' for SaneSecurity To: Paul Griffith pa...@cse.yorku.ca Cc: g_b...@yahoo.co.uk, users

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread John Rudd
How's it working for you, so far? On Wed, Jan 14, 2009 at 06:12, Paul Griffith pa...@cse.yorku.ca wrote: On Tue, 13 Jan 2009 05:28:42 -0500, si g_b...@yahoo.co.uk wrote: Guys, I'm sure you're as sad as I am re- temporary suspension of the brilliant services offered by Steve Basford and his

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Rob McEwen
Rasmus Haslund wrote: After a loud outcry from our users from the increasing level of spam in their inboxes, I installed the Botnet Plugin. Is this something that can be used with the SA in Icewarp Merak? Because Rasmus manages a mail server where B2B mail is routinely sent/received

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread John Rudd
On Wed, Jan 14, 2009 at 06:59, Rob McEwen r...@invaluement.com wrote: Regarding using the Botnet Plugin as a replacement for SaneSecurity... I found that the _best_ part about SaneSecurity was its assistance with catching spam that could NOT ever be caught using _any_ kind of DNSBL. Botnet

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Daniel J McDonald
On Wed, 2009-01-14 at 09:59 -0500, Rob McEwen wrote: Rasmus Haslund wrote: After a loud outcry from our users from the increasing level of spam in their inboxes, I installed the Botnet Plugin. Is this something that can be used with the SA in Icewarp Merak? Because Rasmus

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Rob McEwen
John Rudd wrote: Botnet isn't a DNSBL... I never said it was a DNSBL. But it definitely has a particular focus on the sending IP, and that sending IP's rDNS. Therefore, for all practical purposes, it is trying to do the job of a DNSBL. As I recall, the discussion about BotNet's development

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Rob McEwen
Rob McEwen wrote: And I think it is probably better used as a scoring list instead of a blocking list. oops. I meant probably better scored below threshold, since, of course, BotNet isn't a list. -- Rob McEwen http://dnsbl.invaluement.com/ r...@invaluement.com +1 (478) 475-9032

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Sanesecurity
si-12 wrote: I appreciate that great progress is being made re- getting the service back online again, but in the mean time was wondering ... has anyone found anything as effective as a temporary replacement or enhancement? One rsync server is already up and running and is currently being

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread John Hardin
On Wed, 14 Jan 2009, Rob McEwen wrote: QUESTIONS: Is SaneSecurity still collecting data and generating the rulesets? (but just not able to distribute them) I was wondering that myself, and was also wondering whether there was a way to leverage the Coral cache system to avoid DDoS - for

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Matt Garretson
Is there any way that a more distributed method of delivering updates could be more resistant to DDOS attacks? E.g. trackerless bittorrents (DHT), or something along those lines? Just wondering in general

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Benny Pedersen
On Wed, January 14, 2009 17:33, John Hardin wrote: Is there any other distributed content distribution system they could use for free this way? bittorrent ? (micro$oft have problem delivering windows 7 betas from their network, opensource problems ?) :=) -- Benny Pedersen Need more

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Paul Griffith
On Wed, 14 Jan 2009 09:23:51 -0500, John Rudd jr...@ucsc.edu wrote: How's it working for you, so far? On Wed, Jan 14, 2009 at 06:12, Paul Griffith pa...@cse.yorku.ca wrote: On Tue, 13 Jan 2009 05:28:42 -0500, si g_b...@yahoo.co.uk wrote: Guys, I'm sure you're as sad as I am re- temporary

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread John Rudd
-- Forwarded message -- From: Bret Miller bret.mil...@wcg.org To: John Rudd jr...@ucsc.edu Date: Tue, 21 Aug 2007 13:08:06 -0700 Subject: RE: BOTNET Exceptions for Today Bret Miller wrote: Maybe these aren't false positives because botnet is identifying them for what they

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread SM
At 06:59 14-01-2009, Rob McEwen wrote: Because Rasmus manages a mail server where B2B mail is routinely sent/received _globally_, Rasmus is the king of finding FPs. I could be wrong, but judging from previous reports about the Botnet Plugin, I predict that Rasmus will either (a) find the Botnet

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Rob McEwen
SM wrote: Botnet Plugin sounds like a plugin that detect botnets ... If Rasmus is finding that many false positives, then he's using the wrong tools. No. This is just due to the fact that, unfortunately, some mail servers and IPs (which send desired and solicited messages) are somewhat

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread Dave Pooser
None of my friends are on services that are that poorly configured No friends on Verizon? Their @#$% mail servers are 70% of my FPs. -- Dave Pooser Cat-Herder-in-Chief, Pooserville.com ...Life is not a journey to the grave with the intention of arriving safely in one pretty and well-preserved

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread John Rudd
On Wed, Jan 14, 2009 at 13:06, Dave Pooser dave...@pooserville.com wrote: None of my friends are on services that are that poorly configured No friends on Verizon? Their @#$% mail servers are 70% of my FPs. Heh. Guess not :-)

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread mouss
Rob McEwen wrote: SM wrote: Botnet Plugin sounds like a plugin that detect botnets ... If Rasmus is finding that many false positives, then he's using the wrong tools. No. This is just due to the fact that, unfortunately, some mail servers and IPs (which send desired and solicited

Re: Temporary 'Replacements' for SaneSecurity

2009-01-14 Thread SM
At 12:44 14-01-2009, Rob McEwen wrote: No. This is just due to the fact that, unfortunately, some mail servers and IPs (which send desired and solicited messages) are somewhat incorrectly configured. It turns out that a distributor receiving legitimate business e-mail from vendors customers in