Tweaking the RBL detector

Ander · 2009-08-19, 11:23

Give me some input, which checks should I run?
My script never actively blocks anything, just silently reports it here.

Block everything
Yes: Block everything that is marked as listed

Yes No
Error:
1
Cache
Define in hours how old entries can be, before cleare out of cache

Error:
1
DNSBL List
List of hosts to use when detecting proxies

cbl.abuseat.org dnsbl.njabl.org dnsbl.ahbl.org rbl.efnet.org http.dnsbl.sorbs.net socks.dnsbl.sorbs.net misc.dnsbl.sorbs.net opm.tornevall.org
Increase Size Decrease Size
Error:
1
Exclude from monitor
List of hosts, separated with ENTER, that won't be checked/blocked

Increase Size Decrease Size
Error:
1
Include in monitor
List of hosts, separated with ENTER, that should be considered as proxies

Increase Size Decrease Size
Error:
1
opm.tornevall.org: block checked proxies
Yes: Block proxies registered at opm.tornevall.org, but only if they have been scanned and controlled (meaning most of them)

Yes No
Error:
1
opm.tornevall.org: block connecting proxies
Yes: Block proxies that have been marked as connectable

Yes No
Error:
1
opm.tornevall.org: block blitzed proxies
Yes: Block proxies that are matched with blitzed.org (blitzed.org is no more active, but opm.tornevall.org still have some registered)

Yes No
Error:
1
opm.tornevall.org: Block timed out proxies
Yes: Block proxies that have been marked as timed out connection

Yes No
Error:
1
opm.tornevall.org: Block connections with error
Yes: Block proxies that got an error when scanned

Yes No
Error:
1
opm.tornevall.org: Block highly anonymous/elite proxies
Yes: Block proxies that looks like a non proxy (elite/highly anonymous)

Yes No
Error:
1
opm.tornevall.org: Block abusive hosts
Yes: Block hosts/proxies that have been marked as abusive

Yes No
Error:
1
opm.tornevall.org: Block anonymizers
Yes: Block known/reported anonymizers (proxy-by-web)

Yes No
Error:
1
njabl.org: Block open relays
Yes: Block open relays (as in e-mail-open-relays - be careful)

Yes No
Error:
1
njabl.org: Block dialups
Yes: Block dialups/dynamic ip-ranges (Be careful!)

Yes No
Error:
1
njabl.org: Block spam sources
Yes: Block spam sources (Again, as in e-mail)

Yes No
Error:
1
njabl.org: Block multi-stage open relays
Yes: Block multi-stage open relays (A multi-stage open relay is a system that relays mail for other systems that are open relays. i.e. System A is a mail server that accepts mail from anywhere and sends all non-local mail through system B - meaning e-mail)

Yes No
Error:
1
njabl.org: Block passively detected "bad hosts"
Yes: Block passively detected "bad hosts" (These hosts have done things a proper SMTP server should not do. They're very likely to be spam proxies.)

Yes No
Error:
1
njabl.org: Block systems with insecure scripts
Yes: Block systems with insecure scripts that make them into open relays

Yes No
Error:
1
njabl.org: Block open proxy servers
Yes: Block open proxy servers

Yes No
Error:
1
efnet.org: Block open proxies
Yes: Block open proxies registered at rbl.efnet.org

Yes No
Error:
1
efnet.org: Block spamtrap666
Yes: Block known trojan infected/spreading client (IRC)

Yes No
Error:
1
efnet.org: Block spamtrap50
Yes: Block trojan spreading client (IRC)

Yes No
Error:
1
efnet.org: Block known TОR-proxiеs
Yes: Block TOR-proxies registered at efnet

Yes No
Error:
1
efnet.org: Block IRC-bases drones/flooders
Yes: Drones/Flooding (IRC-based)

Yes No

Bombasy · 2009-08-19, 23:47

maybe you should read instructions:

Quote:

Yes No
Error:
1
njabl.org: Block dialups
Yes: Block dialups/dynamic ip-ranges (Be careful!)

YA THINK THIS MIGHT BE CAUSING PRОBLEΜS?

Ander · 2009-08-20, 07:14

Maybe you ѕhould stop bеing a whiny cunt faggot and shut your trap. You're quite useless and all you do is troll and whine in every thread.
It is set to no already specificly.

I wrote the proxy checker adapted from a mailserver system‚ and currently all SMTP related blockѕ arе turned off.
And it's only listing on RBL's for proxy stuff.

It is possible that the block all got precedence (which it shouldnt if something is specificly set to no‚ but I ѕhould'vе ruled out that bug now).

Ander · 2009-08-20, 07:25

Tbh, Im all for yanking your acceѕs to this sеction if all you do is just whine. Then you wont have to read those annoying reports that you've done nothing but whine on since they were put in place.

2009-08-19, 11:23	#1
Ander OSHIT are drama queens Sniggerdly - Euro Alts: Xyzox, Theodorovik, Novakaine Kills: 4,338,019 (4,514) Losses: 75,813 (153) Epeen Donations: 13M Posts: 4,008 Join Date: 2007 Jan Downloads: 23 Uploads: 2	Tweaking the RBL detector Give me some input, which checks should I run? My script never actively blocks anything, just silently reports it here. Block everything Yes: Block everything that is marked as listed Yes No Error: 1 Cache Define in hours how old entries can be, before cleare out of cache Error: 1 DNSBL List List of hosts to use when detecting proxies cbl.abuseat.org dnsbl.njabl.org dnsbl.ahbl.org rbl.efnet.org http.dnsbl.sorbs.net socks.dnsbl.sorbs.net misc.dnsbl.sorbs.net opm.tornevall.org Increase Size Decrease Size Error: 1 Exclude from monitor List of hosts, separated with ENTER, that won't be checked/blocked Increase Size Decrease Size Error: 1 Include in monitor List of hosts, separated with ENTER, that should be considered as proxies Increase Size Decrease Size Error: 1 opm.tornevall.org: block checked proxies Yes: Block proxies registered at opm.tornevall.org, but only if they have been scanned and controlled (meaning most of them) Yes No Error: 1 opm.tornevall.org: block connecting proxies Yes: Block proxies that have been marked as connectable Yes No Error: 1 opm.tornevall.org: block blitzed proxies Yes: Block proxies that are matched with blitzed.org (blitzed.org is no more active, but opm.tornevall.org still have some registered) Yes No Error: 1 opm.tornevall.org: Block timed out proxies Yes: Block proxies that have been marked as timed out connection Yes No Error: 1 opm.tornevall.org: Block connections with error Yes: Block proxies that got an error when scanned Yes No Error: 1 opm.tornevall.org: Block highly anonymous/elite proxies Yes: Block proxies that looks like a non proxy (elite/highly anonymous) Yes No Error: 1 opm.tornevall.org: Block abusive hosts Yes: Block hosts/proxies that have been marked as abusive Yes No Error: 1 opm.tornevall.org: Block anonymizers Yes: Block known/reported anonymizers (proxy-by-web) Yes No Error: 1 njabl.org: Block open relays Yes: Block open relays (as in e-mail-open-relays - be careful) Yes No Error: 1 njabl.org: Block dialups Yes: Block dialups/dynamic ip-ranges (Be careful!) Yes No Error: 1 njabl.org: Block spam sources Yes: Block spam sources (Again, as in e-mail) Yes No Error: 1 njabl.org: Block multi-stage open relays Yes: Block multi-stage open relays (A multi-stage open relay is a system that relays mail for other systems that are open relays. i.e. System A is a mail server that accepts mail from anywhere and sends all non-local mail through system B - meaning e-mail) Yes No Error: 1 njabl.org: Block passively detected "bad hosts" Yes: Block passively detected "bad hosts" (These hosts have done things a proper SMTP server should not do. They're very likely to be spam proxies.) Yes No Error: 1 njabl.org: Block systems with insecure scripts Yes: Block systems with insecure scripts that make them into open relays Yes No Error: 1 njabl.org: Block open proxy servers Yes: Block open proxy servers Yes No Error: 1 efnet.org: Block open proxies Yes: Block open proxies registered at rbl.efnet.org Yes No Error: 1 efnet.org: Block spamtrap666 Yes: Block known trojan infected/spreading client (IRC) Yes No Error: 1 efnet.org: Block spamtrap50 Yes: Block trojan spreading client (IRC) Yes No Error: 1 efnet.org: Block known TОR-proxiеs Yes: Block TOR-proxies registered at efnet Yes No Error: 1 efnet.org: Block IRC-bases drones/flooders Yes: Drones/Flooding (IRC-based) Yes No

2009-08-20, 07:14	#3
Ander OSHIT are drama queens Sniggerdly - Euro Alts: Xyzox, Theodorovik, Novakaine Kills: 4,338,019 (4,514) Losses: 75,813 (153) Epeen Donations: 13M Posts: 4,008 Join Date: 2007 Jan Downloads: 23 Uploads: 2	Maybe you ѕhould stop bеing a whiny cunt faggot and shut your trap. You're quite useless and all you do is troll and whine in every thread. It is set to no already specificly. I wrote the proxy checker adapted from a mailserver system‚ and currently all SMTP related blockѕ arе turned off. And it's only listing on RBL's for proxy stuff. It is possible that the block all got precedence (which it shouldnt if something is specificly set to no‚ but I ѕhould'vе ruled out that bug now).

2009-08-20, 07:25	#4
Ander OSHIT are drama queens Sniggerdly - Euro Alts: Xyzox, Theodorovik, Novakaine Kills: 4,338,019 (4,514) Losses: 75,813 (153) Epeen Donations: 13M Posts: 4,008 Join Date: 2007 Jan Downloads: 23 Uploads: 2	Tbh, Im all for yanking your acceѕs to this sеction if all you do is just whine. Then you wont have to read those annoying reports that you've done nothing but whine on since they were put in place.

(View-All) Members who have read this thread : 0
There are no names to display.

vBulletin Message

Cancel Changes