> > > > These lists that we all have come to love, could be made > > available via > > FTP and we can host them on our own servers... > > > > You would have to download the lists quite often to stay > current, and they are rather large. And if the site is being > DDoSed, and it cannot even respond to regular DNS queries, > how are you going to be able to connect to download the updates?
I think it's a good idea to share such tables. (If the blacklist maintainer agree to share his entire knowledge) Regarding updates the file sizes should be much lower if they contain only the changed values. Something like +123.123.123.123 -122.122.122.122 ... Then it's also a question huw much traffic creates the [your_processed_messages] x [your_ip4r+rbls_tests] DNS-lookups any day. My opinion about sharing tecnologies: It's a little bit programming work but why not use P2P tecnologies to search for special signed file names containing the update for a certain day? If this file is signed with a digital certificate it should be save to run such a update over P2P in automatic mode. The maintainer of this list can work from everywhere arround the world. He must only put the daily updates in the P2P network. Spammers shouldn't have any advantage from such public blacklists because they are already able to check DNS based blacklists if the IP they use currently to send out spam is blacklisted somewhere. Maybe daily updates are to slow for effective spam filtering and also hourly updates would ask some changes on the local anti spam filters (for example a queue-wait for suspiciuos messages) On the other side such shared blacklists can contain also additional data like a relative weight about any listed IP to indicate not only "yes" or "no" but also "maybe yes", "for shure!" and so on. I preffer also to have a clear defined maintainer that follows "his rules" to maintain a certain list. Something like a "open-blacklist" can be a little bit difficult because it's not clear who can add or delete IPs. Have a nice weekend! Markus --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
