Spamhaus

Written By reza winner on Rabu, 03 April 2013 | 00.55

The Spamhaus Project is an international organization, based in both London and Geneva, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name spamhaus, a pseudo-German expression, was coined by Linford for an Internet service provider, or other firm, which spams or willingly provides service to spammers. Spamhaus is responsible for a number of very widely used anti-spam DNS-based Blocklists (DNSBLs) and Whitelists (DNSWLs). 




Many internet service providers and email servers use the lists to reduce the amount of spam they accept. The Spamhaus lists collectively protect over 1.77 billion email users, according to Spamhaus' web page (in November 2012) and are estimated to block 80 billion spam emails per day globally on the internet (almost one million per second). Like all DNSBLs, their use is considered controversial by some.
The Spamhaus Block List (SBL) targets "verified spam sources (including spammers, spam gangs and spam support services)." Its goal is to list IP addresses belonging to known spammers, spam operations, and spam-support services. The SBL's listings are partially based on the ROKSO index of known spammers.

The Exploits Block List (XBL) targets "illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, virus-infected PCs & servers and other types of trojan-horse exploits." That is to say it is a list of known open proxies and exploited computers being used to send spam and viruses. The XBL includes information gathered by Spamhaus as well as by other contributing DNSBL operations such as the Composite Blocking List (CBL).
The Policy Block List (PBL)  is similar to a Dialup Users List. The PBL lists not only dynamic IP addresses designated as 'not allowed to make direct SMTP connections', but also static addresses that shouldn't be sending email without prior arrangement. Examples of such are an ISP's core routers, corporate users required by policy to send their email via company servers, and unassigned IP addresses. Much of the data is provided to Spamhaus by the organizations that control the IP address space, typically ISPs.
The Domain Block List (DBL) was released in March 2010 and is a list of domain names, which is both a domain URI Blocklist and RHSBL. It lists spam domains including spam payload URLs, spam sources and senders ("right-hand side"), known spammers and spam gangs, and phish, virus and malware-related sites. It later added a zone of "abused URL shortners", a common way spammers insert links into spam emails.
The Spamhaus White List (SWL) was released in October 2010 and is a whitelist of IPv4 and IPv6 addresses. The SWL is intended to allow mail servers to separate incoming email traffic into 3 categories: Good, Bad and Unknown. Only verified legitimate senders with clean reputations are approved for whitelisting and there are strict terms to keeping a Spamhaus Whitelist account.
The Domain White List (DWL) was released in October 2010 and is a whitelist of domain names. The DWL enables automatic certification of domains with DKIM signatures. Only verified legitimate senders with clean reputations are approved for whitelisting and there are strict terms to keeping a whitelist account. Spamhaus's DNSBLs and DNSWLs are offered as a free public service to low-volume mail server operators on the Internet. Commercial spam filtering services and other large sites doing large numbers of queries must instead sign up for an rsync-based feed of these DNSBLs, which Spamhaus calls its Datafeed Service, at a moderate fee as long as they are not in Spamhaus's top ten worst spam service ISPs list. Spamhaus also provides two combined DNSBLs. One is the SBL+XBL[11] which allows users to query sbl-xbl.spamhaus.org once and get return codes from both lists. A newer combination is called ZEN[12] (named after founder Linford's dog), which allows users to query zen.spamhaus.org once and get return codes from the SBL+XBL and the newer PBL.
Spamhaus outlines the way its DNSBL technology works in a document called Understanding DNSBL Filtering.

0 komentar:

Posting Komentar