This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] update on netsecdb project
- Previous message (by thread): [anti-abuse-wg] update on netsecdb project
- Next message (by thread): [anti-abuse-wg] update on netsecdb project
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Michele Neylon :: Blacknight
michele at blacknight.ie
Tue Apr 6 10:32:17 CEST 2010
On 6 Apr 2010, at 01:59, Claus Marxmeier wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > When starting with www.netsecdb.de in 2008 i'd never expected the > decrease of spams to round about 1% of former amount to remain a > stable value. Stats from last weeks, monthes and year now give proof > that the setup of a central communitation matrix based on worldwide > IPv4-whois databases was a great help in fighting abusive mails and a > lot more. > > Inspite of common hosting environments the number of spams is > generally lower that the amount of mails containing wanted messaging. > The hourly auto-generated configuration files for MTAs like postfix, > exim, qmail and MS Excchange 2007 and later used on external partner > servers show same progresses. > > In addition, files that contain the blocking lists for leading TOP25 > spammer-country are distributed for free. > > Starting from scratch with a localized german based environment, we > opened netranges from additional countries based on the incoming > spamlevel. Nowadays, networks from DE, CH, AT, BE, NL, FR, GB, LU, LI, > IE, IT, CZ, SE, GR, PT, NO, PL, IS, FI, ES, DK, SK, HU, RO, BG, LT, > LV, EE, US, CA, IL and defined customer nets don't get blocked but get > tickets instead. If a non-customers's netrange abuse-email is > invalid/non-functional, range gets blocked. > > Many providers integrated ticket-systems for abuse-handling and > improved their quality management a lot. Only a few remained passive > and surprisingly a handful of ISPs still seem to work with quota > limited mailboxes to avoid a kind of work-overload. > > Logfiles show an increasing number of HEADER connects to our > smtp-ports just to check the current status of single IP or netrange > returned by our servers. > > Within the last monthes, netsol worked on rwhois integration into ARIN > whois outputs which finetuned the process of generating abuse-tickets > a lot. > > Many RIPE members started updating their whois records and abuse-mail > contacts. Sometimes this results in an very effective workflow with > only a few seconds response time over far distance whereas local > providers still cannot be reached cause of invalid or missing contact > records. > > Unfortunately the RIPE team stated by mail, that they have no > job-order to take care of the integrity of it's database records i.e. > finding ancient content with missing or invalid information gives > random results. > > There seems to be no need for a RIPE member to keep it's records > up-2-date ? > > Any additional information regardings spams, exploit attacks, hacking > can be taken from www.netsecdb.de site's sections. > > I wonder how long hosters are willing to pay the traffic, energy and > CPU-time for something nobody needs to have. > I wonder how long i takes for the DialUp- and Business Customers to > learn, that security is a crucial part of internet activities and that > their ISP's deliver very diffent qualities behind their mostly > coloured flash-animated websites. > > Looking forward to see the current unsolved problems beeing > transported to public clouds in datacenter and poisoned high bandwith > customer connections if everything remains 'same procedure as every > year' ... > > Kind regards, > > Claus Claus You need to learn the meaning of the word "diplomacy" Otherwise none of us will want to help you Regards Michele Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection ICANN Accredited Registrar http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel Intl. +353 (0) 59 9183072 US: 213-233-1612 UK: 0844 484 9361 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
- Previous message (by thread): [anti-abuse-wg] update on netsecdb project
- Next message (by thread): [anti-abuse-wg] update on netsecdb project
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]