RE: lug-bg: a peculiar type of spam
- Subject: RE: lug-bg: a peculiar type of spam
- From: bkrosnov@email.domain.hidden (Boyan Krosnov)
- Date: Wed, 28 May 2003 20:47:46 +0300
I think there is a certain difference between dsbl and drbl :)
AFAIK drbl (the Russians, that is) use some kind of system, distributed over DNS, for voting on and rating e-mail sources.

BR,
Boyan
> -----Original Message-----
> From: Alek Andreev [mailto:alek_at_zvuk.net]
> Sent: Wednesday, May 28, 2003 8:15 PM
> To: lug-bg_at_linux-bulgaria.org
> Subject: Re: lug-bg: a peculiar type of spam
>
> I couldn't read that Russian site because it is in Russian :), but I
> found a similar project with a site in English, and here is what it is
> about.
>
> The project is dsbl.org. They maintain a list of the IPs of open-relay
> SMTP servers and HTTP proxies, which spammers use heavily to cover
> their tracks. The query goes over DNS: to see whether the IP 1.2.3.4
> is a spammer's, you need to run
> $ host 4.3.2.1.lists.dsbl.org
> If it returns 127.0.0.2, they are spammers. If it returns Host not
> found, they are not.
>
> Entries are added to the database in three ways. The first is a
> honeypot email address. Every email received at that address is
> classified as spam and the IP of the SMTP server is added to the
> database. DSBL do not check whether it really is an open-relay server.
> This method mostly catches the spambots that crawl web pages for
> emails to spam. The second is through a program that you can download
> from the dsbl site. It scans random IPs for open-relay servers and, if
> it finds one, sends mail through it to the honeypot address from the
> first method. The third way is manual addition, with the manually
> added IPs kept in a separate, untrusted list.
>
> DSBL export their database for BIND servers and for rbldns. You all
> know what BIND is, and rbldns appears to be a server made specifically
> for DNS spam blacklists. It takes a plain-text list of IPs, compiles
> them into a convenient (B-tree?) format and answers whether a given IP
> is in the list, using the same syntax as lists.dsbl.org (see above).
> A sample BIND zone file is at
> http://dsbl.org/zones/bind-multihop.dsbl.org , and the same IPs in
> rbldns format are at http://dsbl.org/zones/rbldns-multihop.dsbl.org .
>
> Here are some ideas that occurred to me for our Bulgarian variant of a
> DNS blacklist.
>
> First, I don't know how much open-relay servers are used in Bulgaria,
> so I'm thinking the honeypot server should include all IPs in the
> headers of the emails in the database. And if someone wants to report
> a server through a program like dsbl's, they can add the following
> header to the mail:
> X-SpamExcludeIP: 1.2.3.4
> There they can write their own IP, which will not be added to the
> database even though it is in the mail's header. So that this doesn't
> turn out to be a back door into the system, users' mail servers can
> filter out all messages containing the header in question. That way a
> spammer won't be able to put his own IP in the header and achieve the
> desired effect.
>
> Second, instead of maintaining separate lists for trusted and
> untrusted entries, we can put ratings on each entry. IPs added through
> the honeypot email will automatically have a rating of 255. The rating
> of those added manually will increase by one on each repeated addition
> by a different user. That way every postmaster can set a threshold on
> the rating and control the amount of spam that gets through.
> The rating information can be in the DNS TXT record or in the IP (for
> example 127.0.0.65 for an IP with rating 65). Obviously, the higher
> your rating, the nastier a spammer you are :).
>
> Third, it would be nice to also have a whitelist for the IPs of key
> mail servers (dir.bg, mail.bg, etc.). True, spam can come from them
> too, but it's better that they remain reachable anyway.
>
> Fourth, how can Bulgarian IPs be easily recognized, or is the idea to
> include any spamming IPs at all?
>
> I hope this is useful to you. :)
>
> Regards,
> Alek Andreev
> Zvuk.Net
> alek_at_zvuk.net
>
> ============================================================================
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
> To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> ============================================================================
>
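
Added example, not part of the thread and not DSBL's code: the reversed-octet lookup from the quoted message combined with the proposed rating-in-the-answer scheme (127.0.0.N), a per-postmaster threshold and the whitelist. The zone name `bl.example.invalid`, the sample records, the whitelist entry and all function names are constructed for illustration; a dictionary stands in for the DNS resolver so the block runs offline.

```python
import ipaddress

ZONE = "bl.example.invalid"  # constructed zone name, not a real blacklist

# Constructed records standing in for DNS: query name -> A-record answer.
SAMPLE_ZONE = {
    "4.3.2.1." + ZONE: "127.0.0.255",     # honeypot hit, rating 255
    "9.113.0.203." + ZONE: "127.0.0.3",   # three manual reports, rating 3
    "25.2.0.192." + ZONE: "127.0.0.255",  # listed, but whitelisted below
}
WHITELIST = {ipaddress.ip_address("192.0.2.25")}  # constructed key mail server


def query_name(ip, zone=ZONE):
    """Build the lookup name: 1.2.3.4 -> 4.3.2.1.<zone>."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("the reversed-octet scheme in the post is IPv4 only")
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def rating_from_answer(answer):
    """Decode a 127.0.0.N answer into rating N; None means not listed."""
    if answer is None:  # NXDOMAIN / "Host not found"
        return None
    octets = ipaddress.ip_address(answer).packed
    if octets[:3] != b"\x7f\x00\x00":
        # Not a blacklist code, e.g. a resolver that rewrites NXDOMAIN to a
        # real address. Treat as unlisted instead of rejecting all mail.
        return None
    return octets[3]


def verdict(ip, threshold, resolve=SAMPLE_ZONE.get):
    """Return 'accept' or 'reject' for a connecting IP at this threshold."""
    if ipaddress.ip_address(ip) in WHITELIST:
        return "accept"  # whitelist is checked before the blacklist
    rating = rating_from_answer(resolve(query_name(ip)))
    if rating is None:
        return "accept"
    return "reject" if rating >= threshold else "accept"


if __name__ == "__main__":
    for ip in ("1.2.3.4", "203.0.113.9", "192.0.2.25", "198.51.100.7"):
        print(ip, verdict(ip, threshold=10))
```

In a real deployment `resolve` would be a function that performs the A-record lookup and returns `None` on NXDOMAIN.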