Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Barracuda Networks Spam Firewall

  • From: James Couzens
  • Date: Wed May 19 20:09:09 2004

On Wed, 2004-05-19 at 16:24, Eric A. Hall wrote:
> extract hostname from url, dig on hostname, whois on addr, and nine times
> out of ten the host is in a CN netblock. that's from the spam that gets
> into my mailbox.

Yes I understand that is what you meant.  I just did this on 5 spam in
my mail box, I got:

Domain Name: AAFMALE.BIZ (www.aafmale.biz)
Registrant Country: Canada
Resolves to address: 218.232.109.220 (KRNIC-K) (Korea)

Domain Name: PLANENEWS.COM
Registrant Country: France
Resolves to address: 216.92.194.65 (PAIRNET-BLK-3) (United States)

Domain Name: MIRGOS.ORG
Registrant Country: Russia
Resolves to address: 211.198.200.208 (KRNIC-KR) (Korea)

Domain Name: WINSPR.BIZ  (iityvzbtpvw.winspr.biz)
Registrant Country: New Zealand
Resolves to address: 221.233.29.33 (CHINANET-HB-JZ7) (China)

While it is only 5 mails, and certainly nothing to judge by, it does not
seem to be 90%.  Although Korea under APNIC it is not China.

> let me state AGAIN that what I really want is a plugin that allows for
> cidr match-lists so that I can also include the handful of non-enforcing
> hosters in Russia, New York, Florida, etc. One responder also suggested
> ASN matchlists but I'm not that mad.

What sort of plugin?  MTA? MUA?

Going back to my previous e-mail, all of this effort I think is being
placed in the wrong direction.  Focus should be placed on preventing
forgery, and educating users.  If we spent the money we are dropping on
hardware and software to stop spam (its in the BILLIONS) on educating
users and pushing anti-forgery / sender authentication/verification
methods forward, we'd have an easier time of all this.

Cheers,

James

-- 
James Couzens,
Programmer
-----------------------------------------------------------------
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://gpg.mit.edu:11371/pks/lookup?op=get&search=0x6E0396B3

Attachment: signature.asc
Description: This is a digitally signed message part




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.