[unisog] Barracuda effectiveness (vs Puremessage)

mcclenbw at oneonta.edu mcclenbw at oneonta.edu
Tue Jul 17 15:30:17 GMT 2007


Good point.  I've been using cbl.abuseat.org since our PM comparison
phase, when we configured the Barracuda to use the same DNSBLs as PM.
It worked great so I left it.  Guess should have read in to it more
later...

And yes, I would be will to share my regular expressions off the list.
It seems like when I post them somewhere public they are ineffective
within a few days. :)

> -----Original Message-----
> From: unisog-bounces at lists.dshield.org [mailto:unisog-
> bounces at lists.dshield.org] On Behalf Of rick pim
> Sent: Tuesday, July 17, 2007 11:09 AM
> To: UNIversity Security Operations Group
> Subject: Re: [unisog] Barracuda effectiveness (vs Puremessage)
> 
> 
> mcclenbw at oneonta.edu writes:
> 
>  > The Barracuda does have the DNSBL issue, and we are currently using
> 5
>  > lists:
>  >
>  > zen.spamhaus.org
>  > cbl.abuseat.org
> 
> i think the spamhaus list includes the cbl (or it did at one time).
> there may be little point in using cbl if you also have spamhaus.
> 
>  > I have created what I consider conservative regular expressions
> (never a
>  > false positive seen or reported) used for header, subject, and body
>  > filtering.  Some I created, and some I've picked up from the
> Barracuda
>  > forum.
> 
> would you be willing to share? :-)
> 
> rp
> 
> rick pim
rick at post.queensu.ca
> information technology services                          (613)
533-2242
> queen's university, kingston
>
-----------------------------------------------------------------------
> "If you don't find him, they'll shoot him down like a dog!"
> "Well, he *is* a dog."
>                     -- the Badger
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> https://lists.sans.org/mailman/listinfo/unisog



More information about the unisog mailing list