On 5/10/2010 3:04 PM, Michael Cummins wrote:
Are there many folks on the list who would/could use an IP list
generating function in the SNF engine?
If so what might that look like -- that is, how would you like to tune
it and what special features might it have to be most useful?
If you do generate it, I'd be happy to sync up with you so you can have a
copy of all my ugly IPs.
GBUdb data is already shared between SNF nodes. GBUdb is a collaborative
IP reputation system.
Is there a way we could implement it in a SmarterMail / Declude config that
would reduce processing footprint?
SNF already uses GBUdb to eliminate content scanning when the IP
reputation is in the truncate range. If it is not in the truncate range
there is a possibility that there would be false positives.
The easiest way to reduce processing loads is to reject connections
based on truncate.gbudb.net.
I suppose it is also possible to skip other tests in Declude based on
weights generated by SNFIP and/or SNFIPREP.
Would using the file as a simple IP blacklist.txt in Declude prevent other
checks?
I don't know.
Do David and Linda read this list as well?
I don't think so.
_M
--
Chief Scientist
ARM Research Labs, LLC
www.armresearch.com
#############################################################
This message is sent to you because you are subscribed to
the mailing list <sniffer@sortmonster.com>.
This list is for discussing Message Sniffer,
Anti-spam, Anti-Malware, and related email topics.
For More information see http://www.armresearch.com
To unsubscribe, E-mail to: <sniffer-...@sortmonster.com>
To switch to the DIGEST mode, E-mail to <sniffer-dig...@sortmonster.com>
To switch to the INDEX mode, E-mail to <sniffer-in...@sortmonster.com>
Send administrative queries to <sniffer-requ...@sortmonster.com>
