Raymond P. Burkholder - Things I Do - Spam Containment

RBL, Reputation

nospam@example.com (Raymond P. Burkholder) — Sat, 09 Apr 2022 17:26:13 +0000

look at Hetrixtools - It's not IP Reputation Service, but this tool can you can an idea with RBL Blacklist monitor maybe ?
There are only two IP-based reputation services that are truly widely used, world-wide, ours and Validity's (nee ReturnPath).
IADB (ISIPP Accreditation Database, now known to consumers as the Good Senders List, or GSL) - Ours have *always* been free for receivers to query, and always will be, as our primary reason for having been in business for going on 20 years is to provide a way for *receivers* to determine the ham from the spam (making it easier for them to reject spam). I'm surprised to hear that *any* of the others are charging for access for querying - shocked in fact. More general information about the IADB is here: for ISPs
FWIW - spamassassin checks the ISIPP by default since 3.10 and reduces the score if your address is found there.

2022/04/09 - E-Mail Reputation – Protect against false positives - reputation data services - has a link to applications using the data, one of which being rspamd -- but note: "gmail's lack of cooperation with the dns good list means inbound from them gets dropped when one of their outbound smtp senders gets badlisted, which they often do. " -- followed up by: [How about using their SPF records as automation input? Their MXes are inside those blocks right now at least.]

2022/04/09 - HetrixTools - Uptime Monitor & Blacklist Monitor

Does Blockchain Malware Pay?

nospam@example.com (Raymond P. Burkholder) — Sat, 03 Apr 2021 20:25:00 +0000

There are sites for that!

BlockChain check for 1F1ptimEAvcQPFoPsAckmrKiYL6c6h5NcN - and with the ability to use that string as a content filter!
Supposedly something similar can be performed at https://www.spamhaus.org/query/hash/

By using it as a dnsbl,

$ host 1Mw9bvuPpVqM6vkQwaq4JQZCYe4ZmZse1R.bl.btcblack.it
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

1Mw9bvuPpVqM6vkQwaq4JQZCYe4ZmZse1R.bl.btcblack.it has address 127.0.0.2

Phishers can use social Web sites as bait to net victims: Informatics study Indiana University (05/24/07)

nospam@example.com (Raymond P. Burkholder) — Fri, 25 May 2007 23:14:19 +0000

Personally, I've been able to identify phishing emails as they arrive, and promptly delete them. Indeed, some are quite tempting and realistic, but if one looks at the links closely, the imposters can be separated from the real thing.

If there is ever any confusion, I'll go the source directly, bypassing the link, and type in the correct link directly.

An ACM Newsletter speaks of a study that show that separating the wheat from the chaffe is becoming more difficult. Here is what they say:

Popular social network sites such as Facebook and MySpace are being used by cybercriminals to gather personal information to create targeted phishing attacks, according to Indiana University School of Informatics researchers. In their study, "Social Phishing," the researchers established a baseline for the success rate of traditional and social network-based phishing attacks. Phishers steal personal information by sending authentic looking requests, either by email or instant messaging, asking someone to click on a link and submit their information on what looks like a legitimate Web site. "Phishing has become such a prevalent problem because of its huge profit margins, ease in launching an attack, and the difficulty of identifying and prosecuting those who do it," says associate professor of informatics and computer science Filippo Menczer. "Our study clearly shows that social networks can provide phishers with a wealth of information about unsuspecting victims." The study sent email messages to two groups of students asking them to enter their university ID and password. One group received an email from what they thought was a friend, while the other group received an email from a stranger. Only 16 percent of students who received an email from a stranger entered their information, while 72 percent of those receiving emails from "friends" gave away their information. Associate professor of informatics and member of the research team Markus Jakobsson says they were astonished by the 72 percent response rate. The researchers suggested some countermeasures to prevent phishing, including digital signatures on emails to verify the source, browser toolbars that alert users to spoofing attempts, spam filters that detect spoofed emails, and providing users with a secure path to enter passwords, alerting users that they are trying to authenticate to an unknown site. The study is scheduled to be published in the October 2007 issue of Communications of the ACM.

The full article can be found at the Indiana University.