[Dshield] RBL deaths OT?
barkerjr at barkerjr.net
Thu Sep 25 21:05:04 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
> > The big problem with RBL's is not that there is no funding, but
> > that they have come under attack by DDoS recently. Two smaller
> > RBL's shut down this week, and there has been talk that SPEWS has
> > been targetted as well. Small sites do not have the money to
> > spend on mutliple internet feeds, redundant systems and major
> > load balancing. Even if they had something in place, targetting
> > the authoritative nameservers would not be that hard to do.
> > To set up a commercial RBL, you're going to have to do some major
> > load balancing, have support from your upstream provider, and a
> > lot of luck. One benefit of being a commercial site would be that
> > you could actually claim damages, thereby having the FBI
> > investigate.
You can't get the FBI involved unless you can prove greater than
$5,000 in damages. A smaller commercial list would take a few days
to accumulate that much before they could call the FBI.
> SPAMCOP makes a very tempting target. Their wide spread use by
> SpamAssassin makes them an even more tempting target. In fact, I am
> quite surprised that there has not been any credible reports of
> their being attacked. They are probably the most widely deployed of
> the remaining RBLs (wish I had some hard stats). They block on
> based on 'proven spam.' Their definition of 'spam', and what I
> personally feel is a 'shoot first, ask questions later'
> blacklisting policy, IMHO makes them less effective in blocking
> spam sources than the other RBLs. (In the short time we used
> SPAMCOP, I found their false positive rate to be too high for our
Well, Spamcop was knocked offline about a month ago for a few hours
and slow for about a week.
> 2) Some of the providers of Anti-Spam software will also be
> attacked -- especially SpamAssassin, and maybe shut down
Interestingly, SpamAssassin is also distributed via CPAN. So, to
knock it offline, you'd have to basically take down the entire
internet. Talk about getting the FBI's attention!
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
-----END PGP SIGNATURE-----
More information about the list