[Dshield] Whom do you trust?

Chateauneuf dupape at bellatlantic.net
Thu Mar 6 15:47:06 GMT 2003


At 09:14 AM 3/6/2003 -0600, Ed Truitt authored the following:
>I don't remember this group off the top of my head.  However, there is
>nothing to prevent anyone from starting up their own DNSBL for spam.  And,
>you are right, that would be a way to cover your scans for open relays.  We
>PRESUME that the DNSBL will be used to BLOCK mail, but what if it is used 
>to IDENTIFY abusable systems...

That's my concern. Check out the whois. All the information relates to the 
host in Florida (I'm assuming that this has something to do with New 
Jersey). The site contains no contact information or names. HOW DO WE KNOW?

Later today or tomorrow I'll post a follow-up on BlueTelegraph including an 
explanation from the owner of how the IPs were hijacked. These folks have a 
web site as well that gives the impression that they are an ISP. It seems 
that spammers are willing to go to great lengths;

SO WHY NOT A DUMMY BL? 



More information about the list mailing list