From: "Craig McLean" <[EMAIL PROTECTED]>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1Dallas L. Engelken wrote:Well, the only thread on sa-users I found about this was from Dec 2005. http://www.nabble.com/A-thought-about-phone-numbers-and-URIBLs-t716464.h tml We had a thread on uribl staff list about this last July which we cross-posted to sare where loren brought up some good points. After a good discussion on it, it dropped off the radar as something that would take to much time and have very little impact. If anyone plans to move forward with this, I'd be willing to share our threads on it. DallasActually, after some off-list chat with Rob Skedgell I recently finished a first attempt at a plugin for a dnsbl for phone numbers[1], having put together a monstrous, by-country static ruleset based on international dialing codes[2]. It's met with reasonable success here against 419 and associated check-fraud spam using harvested data[3], but will need some serious thought, testing, tweaking and infrastructure before it can be used in production... I'd be intrigued to read any other comments and discussion that have happened... Thanks, C. [1] http://fukka.co.uk/sa-rules/local/PhoneBL.pm [2] http://fukka.co.uk/sa-rules/local/phone.cf [3] http://fukka.co.uk/sa-rules/local/evilnumbers.db
For what it is worth, Craig, based on my slip of the migraine about
evilnumbers.cf I am watching its hits. Out of about 100,000 emails
in my stored maillogs I have hit evilnumbers maybe a total of 20
times. They don't even break out of the "0.00" percent levels. Off
hand they don't seem to be worth the scan time for the machine. Of
course, that is probably because evilnumbers exists which keeps the
phone numbers and such out of most of the junk received. (Of course,
there might be some dandy candidates in the dozen or so a week phishes
that ClamAV scores and I sequester in a virus directory. I don't
even bother to read them given their usual ebay/paypal/bankname
"From:" forgeries.)
{^_^}
