[BALUG-Admin] Spamtraps and http://www.uceprotect.net/en/rblcheck.php?ipr=

Rick Moen rick@linuxmafia.com
Sat Jul 30 20:34:41 UTC 2022

I wrote:

>   What does it mean to be listed at the UCEPROTECT-Level 1?
>   It means abusive activity was seen from IP directly within
>   the last 7 days.
>   Concrete allegation:
>   IP tried to deliver mail to spamtraps.

Progress:  UCEPROTECT-Level 1 (and all other UCEPROTECT) DNSBLs no
longer list .  This is reassuring!  It would be quite bad
if we had unknown spamtraps on the subscriber rosters.  I'm still a bit 
worried, in that it's troubling that at least one (allegedly) was _on_
the roster(s), raising (as I said) the troubling question of whether
there is a vulnerability permitting subscribing users without three-way
handshake confirmation.

Michael, I hope you will get around to confirming that the local config
to add a nonce (or whatever it's called) to the subscription POST data
is in place.  That is non-default.

https://multirbl.valli.org/dnsbl-lookup/ now shows a
subset of six out of the (if memory serves) nine recently showing.

Vexingly, the postmaster.rfc-clueless.org one for FQDN balug.org (and
thus for lists.balug.org) is still there, although I asked removal.
I _hope_ this means that removel request is still pending.

Michael, I would still appreciate your attention to the remaining 
entries on https://multirbl.valli.org/dnsbl-lookup/ .
Some, such as SORBs, really ought to be addressed by the system
siteadmin.  (Again, for SORBS, create a SORBS login.)

More information about the BALUG-Admin mailing list