Showing posts with label nanae. Show all posts
Showing posts with label nanae. Show all posts

Status of completewhois.com: IN FLUX

Update 9/30/2007: The website www.completewhois.com is operational again, but some links appear to be broken. My attempts to query their DNSBLs have all timed out. While CompleteWhois may be on the mend, it seems that it may be too soon to give the all clear.

Previous updates follow.

Changes at UCEPROTECT

Whatever your opinion of UCEPROTECT, hold on to your hat, as things are apparently about to change.

This posting to the USENET newsgroup news.admin.net-abuse.email indicates that Johann Steigenberger is no longer involved with UCEPROTECT. Going forward, Claus v. Wolfhausen has indicated that he is charge of the lists.

At first there was some concern that this post wasn’t true, that it was a deception. I’ve spoken to Claus via email, and that, along with other information, leads me to believe that this is in fact true and correct. (I’ve met neither individual in person, so I suppose this could be a giant hoax, but I’ve got no reason to believe so at this time.)

Claus indicates that UCEPROTECT will no longer list for backscatter and sender verification callouts. These two listing criteria were controversial and I am told that they resulted in numerous complaints of false positives relating to UCEPROTECT. These data relating to listings based on these criteria are being repurposed into a new blocking list at www.backscatterer.org.

He went on to say due to his intervention, UCEPROTECT has ceased publishing the controversial “anonymous” APEWS blocklist data, and that he is unsure if UCEPROTECT will again publish the APEWS data in the future. APEWS, an “anonymous” list widely thought to be created as a replacement for the defunct SPEWS, has been regularly criticized by respected anti-spam advocates such as Steve Linford of Spamhaus and Suresh Ramasubramanian of ISP Outblaze. Controversy includes listing policies considered to be broad and inaccurate, and contact/removal policies perceived as cruel to listees (by deflecting all contact away from the blocklist and toward public discussion forums where listees are often subject to abuse from unrelated parties).

I have yet to write and post reviews of UCEPROTECT or APEWS for dnsbl.com. Look for this in the future.

Status of blacklist.spambag.org: DEAD

As of Sunday, May 27th, 2007, the blocking list Spambag, with the DNSBL zone blacklist.spambag.org, is no longer available. The website www.spambag.org does not resolve to an IP address, and there appear to be no DNS entries under the DNSBL sub-zone.

Spambag, created and run by Sam Varshavchik, developer of the Courier mail server, has been operating this list since at least November, 2001.

The list had the following listing criteria: "[Spambag is my] personal list of networks who I block from sending me mail or accessing my web servers, because I believe the networks actively or passively allow abusive or antisocial behavior. Examples of what I consider abusive or antisocial behavior are: spamming, mailbombing, mail server dictionary attacks, and web page E-mail address harvesting."

I last noted a hit against this DNSBL on May 26th, at 1:34 am US central time. Note that I was not a user of this list; I simply measure its effectiveness and status, like I do for many other lists.

This post to news.admin.net-abuse.email explains that Sam Varshavchik shut the list down, and that he felt his efforts had not been as productive as he would've liked them to be.

I would recommend removing blacklist.spambag.org from your list of DNSBLs to check, as it is no longer in operation.

Status of block.blars.org: DEAD

The “Blars” DNSBL (block.blars.org) appears to have gone on walkabout.

Created in 2002, the “Blars Block List” was an aggressive, semi-private blocking list run by a gentleman known to the greater internet community only by the pseudonym of “Blars.”

The "BlarsBL" had a broad criteria for listing. This included spam sending domains, open relays, sites with disagreeable spam reporting policies, sites lacking abuse addresses, those who host spammer dropboxes or websites, those who have threatened Blars or others with legal action, and sites originating break-in attempts and other exploits (open proxy, open relay, etc.).

The list has been criticized for implying that payment was required for removal. From the site: "If you would like a site be added or removed from BlarsBL, you may hire Blars at his normal consulting rates (currently $250/hour, 2 hour minimum, $1000 deposit due in advance for non-established customers) to investigate your evidence about the site. If it is found that the entry was a mistake, no charge will be made and the entire deposit will be refunded."

The list appears to be no more. The websites www.blars.org and block.blars.org both resolve to a “This domain is parked free with GoDaddy” placeholder page.

Note: I confirmed today that all lookups against block.blars.org DSNBL will result in a match. This is the “Osirusoft solution,” also known as “listing the whole world.” Intentional or not, this means that if you continue to use this blocking list, you will receive no incoming mail whatsoever. If you are using this list to reject mail, I recommend you cease doing so immediately. It will block all of your inbound mail. See this page at MXToolbox.com further confirmation of BLARS mysterious disappearance. This post from the newsgroup news.admin.net-abuse.email indicates that it has likely been out of operation since approximately December 18, 2006.