On [Fri, 11.06. 08:56], Tracy wrote:
At 03:09 6/11/2004, Goesta Smekal wrote:
I do a similar thing for two months : Every mail reportet to be infected
gets a
second treatment:
* look for originating IP (of SMTP envelope, _not_ headers)
* resolve its domain
* get the MX for that domain
*
On [Thu, 03.06. 14:43], alex wrote:
Tracy wrote:
At 08:22 6/3/2004, you wrote:
This is a CRAZY idea !
In a few time you have banned 50% or more of internet traffic !
alex wrote:
It's actually not a crazy idea, because a very large percentage of the
virus traffic on the
On [Mon, 07.06. 08:05], alex wrote:
On Jun 7, 2004, at 12:24 AM, Wim Verveen wrote:
I am actually trying this out. It doesn't catch a lot until now. Maybe
the database needs to grow or more 'points of measurement' are needed?
I think they need more points of measurement, the database
Goesta Smekal wrote:
I do a similar thing for two months : Every mail reportet to be infected gets a
second treatment:
* look for originating IP (of SMTP envelope, _not_ headers)
* resolve its domain
* get the MX for that domain
* if the IPs are not equal, block the host, since it is an
Smekal
Verzonden: vrijdag 11 juni 2004 9:25
Aan: [EMAIL PROTECTED]
Onderwerp: [xmail] Re: virus database
=20
On [Mon, 07.06. 08:05], alex wrote:
=20
On Jun 7, 2004, at 12:24 AM, Wim Verveen wrote:
=20
I am actually trying this out. It doesn't catch a lot until now.=20
Maybe the database
At 03:09 6/11/2004, Goesta Smekal wrote:
I do a similar thing for two months : Every mail reportet to be infected
gets a
second treatment:
* look for originating IP (of SMTP envelope, _not_ headers)
* resolve its domain
* get the MX for that domain
* if the IPs are not equal, block the host,
On Fri, 11 Jun 2004, Liron Newman wrote:
Goesta Smekal wrote:
I do a similar thing for two months : Every mail reportet to be infected gets a
second treatment:
* look for originating IP (of SMTP envelope, _not_ headers)
* resolve its domain
* get the MX for that domain
* if the IPs
On Jun 7, 2004, at 12:24 AM, Wim Verveen wrote:
I am actually trying this out. It doesn't catch a lot until now. Maybe
the database needs to grow or more 'points of measurement' are needed?
I think they need more points of measurement, the database doesnt
really grow because
they are only
: [xmail] Re: virus database
On Jun 7, 2004, at 12:24 AM, Wim Verveen wrote:
I am actually trying this out. It doesn't catch a lot until now. Maybe
the database needs to grow or more 'points of measurement' are needed?
I think they need more points of measurement, the database doesnt=20
really
I am actually trying this out. It doesn't catch a lot until now. Maybe
the database needs to grow or more 'points of measurement' are needed?
Wim=20
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Namens alex
Verzonden: donderdag 3 juni 2004 14:11
Aan:
This is a CRAZY idea !
In a few time you have banned 50% or more of internet traffic !
alex wrote:
more info: http://virbl.bit.nl/
--
---
SMS ad alta velocità via web: http://www.gatewaysms.it
At 08:22 6/3/2004, you wrote:
This is a CRAZY idea !
In a few time you have banned 50% or more of internet traffic !
alex wrote:
It's actually not a crazy idea, because a very large percentage of the
virus traffic on the Internet originates from end-user boxes (machines that
were never
Servitel srl - Roberto Pavesi wrote:
This is a CRAZY idea !
In a few time you have banned 50% or more of internet traffic !
alex wrote:
more info: http://virbl.bit.nl/
the internettraffic you're talking about are home pc's sending viruses not
mailservers. isp mailserver are whitelisted
Tracy wrote:
At 08:22 6/3/2004, you wrote:
This is a CRAZY idea !
In a few time you have banned 50% or more of internet traffic !
alex wrote:
It's actually not a crazy idea, because a very large percentage of the
virus traffic on the Internet originates from end-user boxes (machines
At 08:43 6/3/2004, you wrote:
as adsl-99-25-74-211.dsl.blvloh.ameritech.net). Since these kinds of
machines are 1) not intended to deliver mail, and 2) prohibited by their
ISP's Terms Of Service or Acceptable Use Policies from running mail
servers, there is no reason not to block them. And
they can also be pc's on a corporate network going out to the internet by a
server o firewall doing nat/pat, so it will be blocking some corporations
too.
chabral
alex [EMAIL PROTECTED] wrote:
Servitel srl - Roberto Pavesi wrote:
This is a CRAZY idea !
In a few time you have banned 50% or
To bring this to the realm of spam rather than viruses, I have some
of the RDNS blocking set up through SpamAssassin. I've noticed that
this sometimes creates false positives for mail that originated on a
dynamic DSL address, and then was relayed through that users ISP.
Would this same problem
At 09:36 6/3/2004, you wrote:
To bring this to the realm of spam rather than viruses, I have some
of the RDNS blocking set up through SpamAssassin. I've noticed that
this sometimes creates false positives for mail that originated on a
dynamic DSL address, and then was relayed through that users
Actually some ISP's like xs4all in the Netherlands will block a company
network because of that
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Namens chabral
Verzonden: donderdag 3 juni 2004 14:58
Aan: [EMAIL PROTECTED]
Onderwerp: [xmail] Re: virus database
] Namens chabral
Verzonden: donderdag 3 juni 2004 14:58
Aan: [EMAIL PROTECTED]
Onderwerp: [xmail] Re: virus database
they can also be pc's on a corporate network going out to the internet
by a
server o firewall doing nat/pat, so it will be blocking some
corporations
too.
chabral
juni 2004 16:50
Aan: [EMAIL PROTECTED]
Onderwerp: [xmail] Re: virus database
we have a big world with millions of internet users, no? well, here in
argentina thats very common. The isp gives an internet access and each
company uses it as it likes, for example, giving his lan internet access
via
21 matches
Mail list logo