Re: [mod-security-users] xbl.spamhaus.org
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] xbl.spamhaus.org
|
From: Ryan B. <Rya...@Br...> - 2008-08-24 18:19:17
|
> -----Original Message----- > From: mod...@li... [mailto:mod- > sec...@li...] On Behalf Of Thomas Anderson > Sent: Saturday, August 23, 2008 10:57 PM > To: mod...@li... > Subject: [mod-security-users] xbl.spamhaus.org > > In 00_asl_rbl.conf, I would recommend against making > sbl-xbl.spamhaus.org a default block list. [Ryan Barnett] Tom, that rules file is from GotRoot and is not supported by Breach Security. Have you tried posting this on their user forum? http://www.gotroot.com/tiki-view_forum.php?forumId=35. XBL sources IPs from CBL > (Composite Block List) from cbl.abuseat.org, which commonly lists > dynamic IPs as a policy. I had a client unable to use his > administrative interface recently because he unfortunately received an > IP from Verizon which was listed. SBL.spamhaus.org I think is less > likely to have false positives due to dyanamic IPs. Also, SORBS offers > a lot of more targetted lists... http://www.au.sorbs.net/using.shtml. > That's not to say that some people may not want to block dyamic IPs > previously found to be sending viruses and worms, but it's much more > prone to false positives, which I don't think should be a default. [Ryan Barnett] I agree with you. We have discussed some thoughts on selecting the proper RBL to use for various scenarios in previous list postings - http://osdir.com/ml/apache.mod-security.user/2007-11/msg00003.html |
