[Dshield] Re Dshields email invite: DShield Time Check

Tony horsemaster at ntlworld.com
Sun Oct 10 08:36:14 GMT 2004


A valiant attempt but implementation appears somewhat flawed?

1. Email I received was flagged by RBL listing from Spambag - thus time wasted checking email headers (themselves somewhat obfuscated/suspicious anyway? ** - see below) and then googling to establish authenticity of email. 

2. My ISP uses a transparent cache (interception) server. Dissappointingly this DSHIELD page (unlike a number of other sites) appears unable to circumvent/accommodate this to ascertain true IP? Thus currently for example this process won't work for NTL (UK ISP) users that have Transparent servers enabled in their region anyway.

3. Arguably a tenuous criticism but displaying the sender IP with a request to ensure user avoids reporting it AFTER the TCP packet has been allegedly sent is a tad silly surely?    

Regards


Tony 
------------------------------------------
FIGHT BACK AGAINST SPAM! Download Spam Inspector, the Award Winning Anti-Spam Filter http://mail.giantcompany.com


** copy of salient part of email headers -------
Received: from localhost (localhost [127.0.0.1])
	by mrburns.lan (Postfix) with ESMTP id 2859AD22DA
	for <xxxxxx at ntlworld.com>; Thu,  7 Oct 2004 12:44:50 -0400 (EDT)
Received: from unknown by localhost (amavisd-new, unix socket)
 id client-XXxtXeYx for <xxxxxx at ntlworld.com>;
 Thu,  7 Oct 2004 12:44:50 -0400 (EDT)
Received: by mrburns.lan (Postfix, from userid 1000)
	id 19065D20A4; Thu,  7 Oct 2004 12:44:50 -0400 (EDT)
-------------------------------------------------
Apologies if this embarrasses a real Mr Ian Burns somewhere in SANS! 
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.771 / Virus Database: 518 - Release Date: 28/09/2004





More information about the list mailing list