This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Fw: Spam-phishing
- Previous message (by thread): [anti-abuse-wg] Fw: Spam-phishing
- Next message (by thread): [anti-abuse-wg] Fw: Spam-phishing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Fri Aug 21 22:01:19 CEST 2015
In message <1440125297.17376.0.camel at extraterrestrialmail.com>, wishcraft at user.sourceforge.net wrote: >You know we are making a place for all those kind of bans -- >http://xortify.com For the benefit of everyone on this list, perhaps you could describe, briefly, this project. Frankly, it is a little difficult to understand what this project is really all about from the home page that you posted a link for. After scrolling down past quite a lot of material on that page... material which provides no useful information to a prospective new user... I finally found a block of text under the heading of "A bit about Xortify!" But even this text raises more questions than it answers. I get the impression that this project is one whose primary aim is to develop, maintain, and publish... based upon inputs from a distributed base of many users in various places... something which amounts to an IP address blacklist, and that this blacklist is primarily intended to be used to prevent certain web visitors from doing certain things (e.g. signing up for accounts) based upon their IP addresses. Is that basically all correct? If so, it would be helpful if the text on the home page of the web site for this project would say that clearly, at the very beginning. It would also be most helpful if the project home page would answer the kinds of questions that apply generally, to all sorts of IP-address based blacklists, specifically: * How exactly is it determined that a given IP address is behaving (at present) in a "bad" way which makes it worthy of being listed on the blacklist? * Are entire ranges of IP addresses ever blacklisted? If not why not? And if so, how are the proper ranges determined, and by whom? * Might the list contain some IP addresses that are dynamically allocated to end users? And if so, isn't the claimed 3-month automatic expiration time for all listings excessive for those types of IP addresses? * Due to the increasing use of NAT, especially in conjunction with the dwindling supply of IPv4 addresses, doesn't blacklisting a single IP address contain the potential of creating "false positives" and the blocking of many many innocent users? (It seems to me that this problem would be substantially more sig- nificant in the case of a blacklist aimed at HTTP transactions, whereas it is only a very minimal problem in the case of IP address blacklists aimed at SMTP transactions.) Please don't get me wrong. I admire and applaud anyone who works to try to help his fellow man to block the actions of the bad and disruptive elements on the Internet. And thus, I admire and applaud this project. But before anyone might decide to become either a user or a contributor to such a project, it would be important, I think, to have answers to the key questions I have noted above. Regards, rfg
- Previous message (by thread): [anti-abuse-wg] Fw: Spam-phishing
- Next message (by thread): [anti-abuse-wg] Fw: Spam-phishing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]