💾 Archived View for station.martinrue.com › kevinsan › de923c438a6d4e3486fcd44a09979486 captured on 2024-07-09 at 01:01:03. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2024-05-12)

➡️ Next capture (2024-08-18)

-=-=-=-=-=-=-

👽 kevinsan

@marginalia Astrolabe II was interesting. I found that IP address was a strong indicator for spamminess, and wrote a batch host lookup using dnsjava (org.xbill.DNS) to query a DNS server I set up on a VPS (to avoid possible ISP rate-limits) and dump results to a SQLite db. My db will be stale now, but it was interesting data.

2 years ago · 👍 marginalia

Actions

👋 Join Station

7 Replies

👽 p13

@kevinsan I use zimbra with only a few domains. It has a built-in spamassassin setup, and i use spamhaus with that. Works fairly well. I still do get spam, but only minimal. The usual applies. Make sure SPF is setup correctly, as well as DKIM, etc etc · 2 years ago

👽 kevinsan

@p13 what's your email setup? I self-host one domain, but my main domain is still GMail. Fear of spam has been part of my inertia in migrating away. · 2 years ago

👽 p13

@kevinsan For mail, i've always used spamhaus. They've consolidated all of their blacklists into a single one. Check it out at: https://www.spamhaus.org/zen/

It will stop most of the trash from getting through. · 2 years ago

https://www.spamhaus.org/zen/

👽 kevinsan

@marginalia @p13 My plan was/is to analyse IPs of known spam hosts vs known good, and check new hostnames against IP ranges. I can imagine useful heuristics that could avoid blanket bans, e.g. ratio of good:bad in a given (or imagined) subnet. · 2 years ago

👽 p13

Back in the old days, i would just keep track of the ASNs in china, india, pakistan, russia, etc, and just blanket drop the lot of it. · 2 years ago

👽 marginalia

I would really like to get ahold of alibaba's IP ranges, as almost all nonsense that slips through seems to be hosted there. · 2 years ago

👽 marginalia

It is indeed. Using a geo-IP database to straight up filter out hong-kong and russia removed like 95% of the bullshit. I also have restrictions on some TLDs and country-IPs where I'll just visit domain.tld and www.domain.tld; no other subdomains. · 2 years ago