RBLs in use
Matthew Sullivan
matthew at sorbs.net
Thu Nov 20 23:42:37 UTC 2003
I'm gonna post this back publically because it will be of interest to
all (I hope)...
Jasper van Beusekom wrote:
>Mat:
>
>
>
>>Noone is exempt from listing in SORBS, but proven whitehats don't get
>>blocked.
>>
>>
>
>Do you have many such contacts?
>
I have a few (less than 50)
> Would it be something to create a DNSBL
>list for known whitehats and sites with functioning abuse teams? Such a
>whitelist could be a partial implementation of a 'trusted network'
>principle.
>
I am *currently* creating an extension to SORBS which will allow ISPs to
register as whitehats along with their mailservers and netblocks, and a
fast response email address.
The idea being if a mailserver is about to be listed they will get 24
hours warning to avert the listing. If addresses within their netblocks
get listed they will get notification mails, and the host is listed
immediately.
>A similar project runs under the DNSBL domain:
> nlwhitelist.dnsbl.bit.nl
>
>Usenet reference unfortunately in Dutch:
> 3f81483c$1 at inaja.bit.nl
>
>Basically, respectable ISPs with active abuse desks can request to get
>listed, and will be removed when complaints start coming in.
>
>Whitelists wouldn't attract the same kind of DDoS activities either.
>
I think I'll still be a DDoS target though ;-/
Yours
Mat
More information about the NANOG
mailing list