You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Marc Perkel <ma...@perkel.com> on 2009/12/12 06:42:14 UTC
emailreg.org - pretty good white list
Been using emailreg.org for several months now and it seems like a
really good white list. Anyone else using it?
Re: emailreg.org - pretty good white list
Posted by Per Jessen <pe...@computer.org>.
John Hardin wrote:
> On Mon, 14 Dec 2009, Per Jessen wrote:
>
>> Why would anyone pay USD20 to register with emailreg.org instead of
>> publishing an SPF record for free?
>
> To keep the pointy-haired managers happy.
>
I had the distinct feeling it was something like that.
/Per Jessen, Zürich
Re: emailreg.org - pretty good white list
Posted by Sahil Tandon <sa...@tandon.net>.
On Dec 14, 2009, at 12:45 PM, John Hardin <jh...@impsec.org> wrote:
> On Mon, 14 Dec 2009, Per Jessen wrote:
>
>> Why would anyone pay USD20 to register with emailreg.org instead of
>> publishing an SPF record for free?
>
> To keep the pointy-haired managers happy.
Bingo. Name calling aside, this is really the crux of it.
Re: [sa] Re: emailreg.org - pretty good white list
Posted by Charles Gregory <cg...@hwcn.org>.
On Mon, 14 Dec 2009, John Hardin wrote:
> On Mon, 14 Dec 2009, Per Jessen wrote:
>> Why would anyone pay USD20 to register with emailreg.org instead of
>> publishing an SPF record for free?
> To keep the pointy-haired managers happy.
Meow! :)
- C
Re: emailreg.org - pretty good white list
Posted by John Hardin <jh...@impsec.org>.
On Mon, 14 Dec 2009, Per Jessen wrote:
> Why would anyone pay USD20 to register with emailreg.org instead of
> publishing an SPF record for free?
To keep the pointy-haired managers happy.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Mine eyes have seen the horror of the voting of the horde;
They've looted the fromagerie where guv'ment cheese is stored;
If war's not won before the break they grow so quickly bored;
Their vote counts as much as yours. -- Tam
-----------------------------------------------------------------------
Tomorrow: Bill of Rights day
Re: emailreg.org - pretty good white list
Posted by Per Jessen <pe...@computer.org>.
Marc Perkel wrote:
> Been using emailreg.org for several months now and it seems like a
> really good white list. Anyone else using it?
I'm not using it, but why would people list themselves there instead of
just publishing an SPF record? The approach is roughly the same:
>>From emailreg.org:
"We provide a list of registered domains and IP addresses that are
authorized to send email for those domains."
Why would anyone pay USD20 to register with emailreg.org instead of
publishing an SPF record for free?
/Per Jessen, Zürich
Re: emailreg.org - permission to spamassassin masscheck?
Posted by Warren Togami <wt...@redhat.com>.
On 12/14/2009 05:06 AM, Mike Cardwell wrote:
> Warren Togami wrote:
>
>> I'm pretty sure this only queries only by IP address. IP address and
>> domain name combined can be significantly more fine grained on some
>> mail providers, so we might be better off waiting until spamassassin
>> is capable of querying in their preferred manner before adding it to
>> masschecks.
>
> Apparently you can't query the list until you've registered the IP
> address of your DNS resolvers with them. This means, it can't be
> included as standard in SpamAssassin.
>
> However, I can't figure out how to do that... On
> http://www.emailreg.org/index.cgi?p=policy it says:
>
> "The Registered Email Sender List is available to everyone that would
> like to utilize it. In order to obtain access you need to register a
> domain. Once you have registered a domain you will be able to specify
> the IP addresses that you would like to have query the RESL."
>
> So you have to register a domain before you can register your IPs...
>
> It then goes on to say:
>
> "Note that there is no charge for USE of the RESL data via this DNS
> query system. If you would like to use the RESL without registering a
> domain you may do so by registering HERE."
>
> So you don't have to register a domain before you can register your IPs...
>
> Which is it? Do I have to register a domain, or don't I? So I signed up
> for an account and all I see is an option to register my domains with
> them, and that costs money... I see no option for registering the IPs of
> my resolvers.
>
Good point. spamassassin masschecks can happen on arbitrary hosts on
the Internet. If they require registration for DNS lookups, then
emailreg.org cannot be tested by weekly masscheck. I personally am
against adding anything to spamassassin that cannot be tested.
Warren Togami
wtogami@redhat.com
Re: emailreg.org - permission to spamassassin masscheck?
Posted by Bob O'Brien <bo...@barracuda.com>.
Mike Cardwell wrote:
> So you don't have to register a domain before you can register your IPs...
>
> Which is it? Do I have to register a domain, or don't I? So I signed up
> for an account and all I see is an option to register my domains with
> them, and that costs money... I see no option for registering the IPs of
> my resolvers.
>
I don't know for sure whether my own access account is typical or not, but
once you are logged into your free account, you should be able to choose
"My Domains" from the top menu, and then "Edit RESL Access IPs" from the
navigation panel on the left.
If that doesn't work, email me directly if you wish.
Given some specifics, I can encourage the emailreg folks to improve the
user interface.
Bob
--
Re: emailreg.org - permission to spamassassin masscheck?
Posted by Mike Cardwell <sp...@lists.grepular.com>.
Warren Togami wrote:
> I'm pretty sure this only queries only by IP address. IP address and
> domain name combined can be significantly more fine grained on some mail
> providers, so we might be better off waiting until spamassassin is
> capable of querying in their preferred manner before adding it to
> masschecks.
Apparently you can't query the list until you've registered the IP
address of your DNS resolvers with them. This means, it can't be
included as standard in SpamAssassin.
However, I can't figure out how to do that... On
http://www.emailreg.org/index.cgi?p=policy it says:
"The Registered Email Sender List is available to everyone that would
like to utilize it. In order to obtain access you need to register a
domain. Once you have registered a domain you will be able to specify
the IP addresses that you would like to have query the RESL."
So you have to register a domain before you can register your IPs...
It then goes on to say:
"Note that there is no charge for USE of the RESL data via this DNS
query system. If you would like to use the RESL without registering a
domain you may do so by registering HERE."
So you don't have to register a domain before you can register your IPs...
Which is it? Do I have to register a domain, or don't I? So I signed up
for an account and all I see is an option to register my domains with
them, and that costs money... I see no option for registering the IPs of
my resolvers.
--
Mike Cardwell - IT Consultant and LAMP developer
Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Technical Blog: https://secure.grepular.com/blog/
Re: emailreg.org - permission to spamassassin masscheck?
Posted by Warren Togami <wt...@redhat.com>.
On 12/13/2009 09:34 PM, Robert Fleming wrote:
> Add the following rules to your SpamAssassin configuration
>
> header __RCVD_IN_EMAILREG eval:check_rbl('emailreg-trusted',
> 'resl.emailreg.org.')
>
> header RCVD_IN_EMAILREG_0 eval:check_rbl_sub('emailreg-trusted',
> '127.0.\d+.0')
> describe RCVD_IN_EMAILREG_0 Sender listed at http://www.emailreg.org/
> tflags RCVD_IN_EMAILREG_0 nice net
>
> header RCVD_IN_EMAILREG_1 eval:check_rbl_sub('emailreg-trusted',
> '127.0.\d+.1')
> describe RCVD_IN_EMAILREG_1 Sender listed at http://www.emailreg.org/
> tflags RCVD_IN_EMAILREG_1 nice net
>
> score RCVD_IN_EMAILREG_0 -100
> score RCVD_IN_EMAILREG_1 -100
>
> Not sure if the combination of rbl and rbl_sub does exactly what their
> preferred query method is, but nice of them to give sample code.
>
> Rob
>
>
I'm pretty sure this only queries only by IP address. IP address and
domain name combined can be significantly more fine grained on some mail
providers, so we might be better off waiting until spamassassin is
capable of querying in their preferred manner before adding it to
masschecks.
Furthermore, I suspect we want firsttrusted instead of trusted?
Warren
Re: emailreg.org - permission to spamassassin masscheck?
Posted by Robert Fleming <ro...@flemish.org>.
--On December 13, 2009 10:56:32 AM -0500 Warren Togami is rumoured to have
written:
> http://www.emailreg.org/index.cgi?p=usage
> (from domain).(ip).resl.emailreg.org
>
> It seems the preferred method of querying includes both From domain and
> IP address, which is different from other whitelists. Would we need a
> new plugin for spamassassin to query in this fashion?
>>From further down the same page, they suggest the following for SA
Add the following rules to your SpamAssassin configuration
header __RCVD_IN_EMAILREG eval:check_rbl('emailreg-trusted',
'resl.emailreg.org.')
header RCVD_IN_EMAILREG_0 eval:check_rbl_sub('emailreg-trusted',
'127.0.\d+.0')
describe RCVD_IN_EMAILREG_0 Sender listed at http://www.emailreg.org/
tflags RCVD_IN_EMAILREG_0 nice net
header RCVD_IN_EMAILREG_1 eval:check_rbl_sub('emailreg-trusted',
'127.0.\d+.1')
describe RCVD_IN_EMAILREG_1 Sender listed at http://www.emailreg.org/
tflags RCVD_IN_EMAILREG_1 nice net
score RCVD_IN_EMAILREG_0 -100
score RCVD_IN_EMAILREG_1 -100
Not sure if the combination of rbl and rbl_sub does exactly what their
preferred query method is, but nice of them to give sample code.
Rob
emailreg.org - permission to spamassassin masscheck?
Posted by Warren Togami <wt...@redhat.com>.
On 12/12/2009 12:42 AM, Marc Perkel wrote:
> Been using emailreg.org for several months now and it seems like a
> really good white list. Anyone else using it?
>
Would they object to spamassassin's weekly masscheck testing their
accuracy every Saturday? How do we contact them?
http://www.emailreg.org/index.cgi?p=usage
(from domain).(ip).resl.emailreg.org
It seems the preferred method of querying includes both From domain and
IP address, which is different from other whitelists. Would we need a
new plugin for spamassassin to query in this fashion?
Warren Togami
wtogami@redhat.com
Re: emailreg.org - pretty good white list
Posted by Marc Perkel <ma...@perkel.com>.
Bob O'Brien wrote:
>
>
> I am "the whitelist guy" at Barracuda, so I work with them.
> In my opinion, the $20 fee should be considered more like a CAPTCHA.
> It's not simple "pay to play" either. Reports get investigated, and
> delistings can happen. As I'm sure many of the volunteers here are
> all too well aware, $20 won't cover a lot of investigation, and some
> corporate sponsorship might be a great assist.
>
>
Yeah, $20 isn't much to get listed but if you're taken down right away
from data coming from barracuda servers then it probably gets you
blacklisted - and you're out $20.
I assume Bob you have automated delisting?
Anyhow - regardless of the politics and political correctness - what I'm
saying is that as a user of the list - which is free - it works good for
me. (Trying to focus on the technology)
Re: emailreg.org - pretty good white list
Posted by jdow <jd...@earthlink.net>.
From: "Rob McEwen" <ro...@invaluement.com>
Sent: Saturday, 2009/December/12 20:53
> Bob O'Brien wrote:
>> But I have to say (and this is just my personal opinion) that all the
>> people shouting "conspiracy!" (even if joking about it) may have done
>> irreparable harm to the potential for corporations (not just Barracuda)
>> supporting this community in the future.
>
> Bob,
>
> ... (I'm still distrustful of the _quality_ of ANY
> whitelist which involves payment even if the intentions are honorable,
> but that is just my personal taste.)
Rob, would it change your mind in any way if you considered the
$20 a barrier to casual domain shopping as opposed to a cost of
entry? 10 for a dollar domains are no barrier for some sorts of
spam operations. $20/domain becomes a noticeable barrier for low
budget spammers. The big dawg spammers face no barrier (not even
a bounty on their detached scalps.)
{^_^}
Re: emailreg.org - pretty good white list
Posted by Michael Lyon <mj...@gmail.com>.
I would have to agree. The measures to ensure the integrity of the users
are thorough, and the price is minimal. Having gone through the process of
becoming a whitelisted sender (.edu), it made me feel confident endorsing
and using their white/blacklist.
And this is from someone who has been on their blacklist because our
students fell victim to a phishing scam. They do a good job of managing
complaints, as well as dealing with removal requests...they are a model for
what larger ISP and free e-mail providers should follow.
Mike
On Sat, Dec 12, 2009 at 11:12 PM, Marc Perkel <ma...@perkel.com> wrote:
>
>
> Rob McEwen wrote:
>
> Bob O'Brien wrote:
>
>
> But I have to say (and this is just my personal opinion) that all the
> people shouting "conspiracy!" (even if joking about it) may have done
> irreparable harm to the potential for corporations (not just Barracuda)
> supporting this community in the future.
>
>
> Bob,
>
> Someone I have great respect for has vouched to me (off-list) that he
> has inside personal knowledge of emailreg.org and that he knows for 100%
> positive that this is well run, very ethically run, and NOT pay-for-play
> (or something like that--still trying to figure that last one out a
> bit). Nevertheless, given this person's confidential assessment, I am
> now convinced that there are honest and altruistic intentions behindemailreg.org and I'm convinced that those running it must be highly
> ethical and competent. (I'm still distrustful of the _quality_ of ANY
> whitelist which involves payment even if the intentions are honorable,
> but that is just my personal taste.)
>
> However, Bob... regarding your comment above, you have your own self (&
> associates) to blame. The things that have made people suspicious were
> real and noteworthy and did NOT take a nutcase to jump to harsh
> conclusions. Then, when these things were pointed out across several
> threads spanning many, many months--it was at first like pulling teeth
> to get answers. Finally, the answers that did eventually come forth were
> initially somewhat cryptic and evasive, which only pored gasoline on the
> fire, imo.
>
> If it were not for that off-list vote of confidence from someone I
> greatly trust, I'd still have lingering and suspicious questions. (or
> maybe not since I starting to fatigue on this subject.)
>
>
>
>
> I think people on this list have a bad feeling about paid for lists perhaps
> because of lists like UCEProtect that runs a really sloppy blacklist and
> wants money to get delisted. I see no reason that everything has to be free.
> Ultimately we all have to eat and we do something to make a living.
>
> There are people in the world who are both ethical and financially
> successful. So if someone is toing something right and making a buck at it I
> don't have a problem with that.
>
> And - getting back to the technology issue, the list seems to work well. I
> was just wondering how the list was working for other people here?
>
>
RE: emailreg.org - pretty good white list
Posted by R-Elists <li...@abbacomm.net>.
snip
>
> But, as I said, I highly trust my well-placed contact who
> vouches for emailreg.org, so I'm satisfied.
>
snip
> --
> Rob McEwen
Rob,
:-)
ummmmm you did say it a coupla times.
once was enough though right?
:-)
we know who *you* are, yet if you are going to reference this "trusted well
placed contact" in public some more, the can we please remove the secret
squirrel factor?
probably should ask that person to chime in or do whatever to handle it
right.
-rh
Re: emailreg.org - pretty good white list
Posted by Rob McEwen <ro...@invaluement.com>.
Marc Perkel wrote:
> I see no reason that everything has to be free. Ultimately we all have
> to eat and we do something to make a living.
>
> There are people in the world who are both ethical and financially
> successful. So if someone is doing something right and making a buck
> at it I don't have a problem with that.
I agree 100%. But that is not really the issue here. The issue has more
to do with how to set up those business models such that good behavior
on the part of the whitelist maintainer is 'incentivized' and bad
behavior by the whitelist maintainer is 'disincentivized'. Therefore,
generally speaking, it is at least very difficult for any whitelist
which involves payment-then-removal to be a highly ethical operation,
imo. Not saying it can't be done, but this is not normally how
pay-for-removal works out.
Return Path's certification program is probably one of the best examples
of this working out, but that is mostly because (a) Return Path has
sufficient # of high-end and ethical customers such that they are
'incentivized' to dump any low-quality customer that comes along so as
to not sully their reputation with their high profile customers, and (b)
Return Path's whitelist is more valuable if used by more spam
filters--and they lose THAT market share if they allow mainsleaze
spammers on their whitelist. These two things provide incentives for
Return Path to run an ethical list.
Obviously, Return Path and emailreg.org have very different business
models, but I haven't heard very much similar reasoning for how/why
emailreg.org is also properly 'incentivized' for good behavior other
than "trust us", "$20 isn't much money", "we promise, we remove
spammers", and they do have some good hoops that prospective customers
must jump through (proper rDNS, etc).
But, as I said, I highly trust my well-placed contact who vouches for
emailreg.org, so I'm satisfied.
My main point--yes, having revenue is NOT a bad thing--but that doesn't
mean that certain business models for various whitelist/blacklists don't
sometimes 'incentivized' bad behavior--and when it LOOKS like it is
happening, I think the anti-spam community SHOULD ask questions!
--
Rob McEwen
http://dnsbl.invaluement.com/
rob@invaluement.com
+1 (478) 475-9032
Re: emailreg.org - pretty good white list
Posted by Rob McEwen <ro...@invaluement.com>.
Bob O'Brien wrote:
> But I have to say (and this is just my personal opinion) that all the
> people shouting "conspiracy!" (even if joking about it) may have done
> irreparable harm to the potential for corporations (not just Barracuda)
> supporting this community in the future.
Bob,
Someone I have great respect for has vouched to me (off-list) that he
has inside personal knowledge of emailreg.org and that he knows for 100%
positive that this is well run, very ethically run, and NOT pay-for-play
(or something like that--still trying to figure that last one out a
bit). Nevertheless, given this person's confidential assessment, I am
now convinced that there are honest and altruistic intentions behind
emailreg.org and I'm convinced that those running it must be highly
ethical and competent. (I'm still distrustful of the _quality_ of ANY
whitelist which involves payment even if the intentions are honorable,
but that is just my personal taste.)
However, Bob... regarding your comment above, you have your own self (&
associates) to blame. The things that have made people suspicious were
real and noteworthy and did NOT take a nutcase to jump to harsh
conclusions. Then, when these things were pointed out across several
threads spanning many, many months--it was at first like pulling teeth
to get answers. Finally, the answers that did eventually come forth were
initially somewhat cryptic and evasive, which only pored gasoline on the
fire, imo.
If it were not for that off-list vote of confidence from someone I
greatly trust, I'd still have lingering and suspicious questions. (or
maybe not since I starting to fatigue on this subject.)
--
Rob McEwen
http://dnsbl.invaluement.com/
rob@invaluement.com
+1 (478) 475-9032
Re: emailreg.org - pretty good white list
Posted by Eric Wood <er...@interplas.com>.
On 12/12/2009 4:52 PM, Bob O'Brien wrote:
> I am "the whitelist guy" at Barracuda, so I work with them.
> In my opinion, the $20 fee should be considered more like a CAPTCHA.
> It's not simple "pay to play" either. Reports get investigated, and
> delistings can happen. As I'm sure many of the volunteers here are
> all too well aware, $20 won't cover a lot of investigation, and some
> corporate sponsorship might be a great assist.
Then I am totally confused with this official statemtent:
http://www.emailreg.org/index.cgi?p=news&id=4
You can or can't delist us?
As an aside, occasionally, ip's get listed only on 1 RBL. The RBL offers
no proof of the email which triggered the listing. You're just there!
I call this lone RBL a "heckler RBL". It is the only RBL out there
which is causing a handful of recipients to not receive email. Why
sysadmins only trust >0 RBLs, I don't know.
--
*Eric Wood*
CTO
Re: emailreg.org - pretty good white list
Posted by Dave Pooser <da...@pooserville.com>.
On 12/12/09 3:52 PM, "Bob O'Brien" <bo...@barracuda.com> wrote:
> I am "the whitelist guy" at Barracuda, so I work with them.
> In my opinion, the $20 fee should be considered more like a CAPTCHA.
> It's not simple "pay to play" either. Reports get investigated, and
> delistings can happen. As I'm sure many of the volunteers here are
> all too well aware, $20 won't cover a lot of investigation, and some
> corporate sponsorship might be a great assist.
Personally, I would be much less suspicious of the concept if there were an
alternate way to get on the whitelist without paying. Something like "send
in a form with your D&B number, wait four weeks, and during that time we'll
be storing information about the relative spaminess/haminess of your
outbound mailstream-- and no outbound stream at all is going to be
considered suspicious. At the end of that time we'll send you an
accept/reject notification. Or, for expedited whitelisting, send $20 to...."
But the fact of the matter is, what we on the outside see:
1) Barracuda publishes a blocklist
2) Blocklist appears to be listing some arbitrary IP ranges
3) Solution to arbitrary listing is sending money to organization affiliated
with Barracuda in some not-particularly-transparent way.
Do you honestly not see why people might perceive that as questionable?
If there were a no-charge method of getting added to the whitelist, I'd have
done it at $DAYJOB. But as it is, it feels like paying the large Italian guy
who comes around and says "Nice mail server ya gots here-- be a shame if
something wuz to HAPPEN to it...."
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved piece, but to slide across the
finish line broadside, thoroughly used up, worn out, leaking oil, and
shouting GERONIMO!!!" -- Bill McKenna
Re: emailreg.org - pretty good white list
Posted by Bob O'Brien <bo...@barracuda.com>.
Michael Scheidell wrote:
> But....... you draw your own conclusions. the best thing about a
> conspiracy theory is that there is little proof. if this is little
> proof, then this would make a good conspiracy theory.
>
> YMMV.
>
I have more evidence for you:
Barracuda Networks uses the emailreg.org list.
Barracuda Networks supports emailreg.org with network resources.
Barracuda Networks helped supply thousands of domains with observed
good mailing history, as "pre-registration" data, to help overcome
the classic "chicken and egg" problem of whitelist startup.
Barracuda Networks has confidential communications with emailreg.org,
and if that's all it takes for people to call it a "conspiracy", then
fine, but that is most often used as a very ugly and inflammatory word.
I am "the whitelist guy" at Barracuda, so I work with them.
In my opinion, the $20 fee should be considered more like a CAPTCHA.
It's not simple "pay to play" either. Reports get investigated, and
delistings can happen. As I'm sure many of the volunteers here are
all too well aware, $20 won't cover a lot of investigation, and some
corporate sponsorship might be a great assist.
But I have to say (and this is just my personal opinion) that all the
people shouting "conspiracy!" (even if joking about it) may have done
irreparable harm to the potential for corporations (not just Barracuda)
supporting this community in the future.
Bob
--
Re: emailreg.org - pretty good white list
Posted by Michael Scheidell <sc...@secnap.net>.
On 12/12/09 11:30 AM, Sahil Tandon wrote:
> On Fri, 11 Dec 2009, Marc Perkel wrote:
>
>
>> Been using emailreg.org for several months now and it seems like a
>> really good white list. Anyone else using it?
>>
> Not here. They charge a $20.00 administrative fee per registered
> domain, purportedly to prevent "domain tasters". This is odd, given
> their own criticism of other fee-charging white listing services:
>
>
rumor has it they have some connection with the barracuda blacklist. I
don't think that just because barracuda owns the ip address that they
use, and that if you get blacklisted by barracuda and they recommend
emailreg.org that this is proof positive that barracuda actually owns them.
rumor has it they used to use barracuda's dns servers (they don't
anymore, if they ever did)
But....... you draw your own conclusions. the best thing about a
conspiracy theory is that there is little proof. if this is little
proof, then this would make a good conspiracy theory.
YMMV.
host -t a www.emailreg.org
www.emailreg.org is an alias for emailreg.org.
emailreg.org has address 64.235.146.64
whois 64.235.146.64
OrgName: Barracuda Networks, Inc.
OrgID: BARRA-7
Address: 3175 S. Winchester Blvd
City: Campbell
StateProv: CA
PostalCode: 95008
Country: US
NetRange: 64.235.144.0 - 64.235.159.255
CIDR: 64.235.144.0/20
OriginAS: AS15324
NetName: BARRAUCDA
NetHandle: NET-64-235-144-0-1
Parent: NET-64-0-0-0-0
NetType: Direct Assignment
NameServer: NS1.BARRACUDA.COM
NameServer: NS2.BARRACUDA.COM
Comment:
RegDate: 2006-10-31
Updated: 2008-06-05
RAbuseHandle: BARRA1-ARIN
RAbuseName: Barracuda Hostmaster
RAbusePhone: +1-408-342-5400
RAbuseEmail: hostmaster@barracuda.com
RNOCHandle: BARRA1-ARIN
RNOCName: Barracuda Hostmaster
RNOCPhone: +1-408-342-5400
RNOCEmail: hostmaster@barracuda.com
RTechHandle: BARRA1-ARIN
RTechName: Barracuda Hostmaster
RTechPhone: +1-408-342-5400
RTechEmail: hostmaster@barracuda.com
OrgTechHandle: BARRA1-ARIN
OrgTechName: Barracuda Hostmaster
OrgTechPhone: +1-408-342-5400
OrgTechEmail: hostmaster@barracuda.com
--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best Anti-Spam Product 2008, Network Products Guide
* King of Spam Filters, SC Magazine 2008
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com
_________________________________________________________________________
Re: emailreg.org - pretty good white list
Posted by Benny Pedersen <me...@junc.org>.
On tir 15 dec 2009 00:32:31 CET, mouss wrote
> <head>
> Can all the guys who think 20 isn't much send me 10$ each? I promise to
> write a song for you.
> </head>
what if the snail postman did not get paid ?, how many snailmails
would not be sent ?, its wonder me that email is completely free of
charge in the first place
maybe snailpostman should take $20 for each letter now to prevent spam
snailmails :)
what will the song be called btw ?
--
xpoint http://www.unicom.com/pw/reply-to-harmful.html
Re: emailreg.org - pretty good white list
Posted by mouss <mo...@ml.netoyen.net>.
jdow a écrit :
> [snip]
>
> Per a discussion off the list the $20 is, as mentioned, pretty much a
> captcha and as the web site declares, an inoculation against "domain
> tasting" or 10 for a dollar .cn domains. The thousands of names
> registration isn't going to get through either ReturnPath or emailreg.org.
> It takes time to run through the hoops in either case. And $20k is a whole
> different ballpark for dollar expense than $200.
>
> It's not bulletproof. But it's probably worth a small negative score to
> allow legitimate emails a tiny bump. Their oddball DNS poll also may be
> an inoculation against emails originating from a site's hacked systems.
>
> In as much as one Aw Shit seems to wipe out 100 Brownie Points this may
> provide legitimate small businesses a quick way out of the blocked status
> once they clear up their infections, sort of like awarding Brownie Points
> 10 or more at a time.
>
> {^_^}
<head>
Can all the guys who think 20 isn't much send me 10$ each? I promise to
write a song for you.
</head>
<body>
the problem with the "20 isn't much" is if 1000 guys/groups decide to
run their whitelists and ask for 20$ (on each). then I need to pay
20*1000 = 20K USD. that's a captchoom. now, what if one million guys
start their lists...
</body>
<footer>
and of course, for each 20$, I'll need to add the fees (unless they have
employees who can ring my bell :). and I also need to check they are a
legitimate organization, because giving money to mafia/terrorists/... is
prohibited (at least over here). etc etc etc...
</footer>
Re: emailreg.org - pretty good white list
Posted by jdow <jd...@earthlink.net>.
From: "Sahil Tandon" <sa...@tandon.net>
Sent: Saturday, 2009/December/12 15:23
> On Sat, 12 Dec 2009, jdow wrote:
>
>> From: "Marc Perkel" <ma...@perkel.com>
>> Sent: Saturday, 2009/December/12 09:42
>> >
>> >Sahil Tandon wrote:
>> >On Fri, 11 Dec 2009, Marc Perkel wrote:
>> >
>> > Been using emailreg.org for several months now and it seems like a
>> >really good white list. Anyone else using it?
>> >
>> >Not here. They charge a $20.00 administrative fee per registered
>> >domain, purportedly to prevent "domain tasters". This is odd, given
>> >their own criticism of other fee-charging white listing services:
>> >
>> >"The business model behind other whitelisting services pushes e-mail
>> >into
>> >a "paid" model. Senders pay to be included in the lists mentioned above.
>> >Of course, commercial providers have an incentive to enforce their
>> >policies (otherwise people would stop using them), but only potentially
>> >"bad" senders have an incentive to make use of such paid services. But
>> >for the typical receiver (ie you) they do not help to reduce the risk of
>> >losing mail for the majority of e-mail senders (eg customers and
>> >partners). It would be counter-intuitive to require all senders to pay
>> >one of the third parties just to let email through."
>> >
>> >My comment wasn't about their policies. I'm just saying that as a
>> >list user, which is free, it works well. Quite frankly I think the
>> >$20 charge to get rid of tasters might be effective.
>>
>> Somehow I think $20 is chump change, tip change, for the real spammers.
>> {^_^}
>
> Precisely my point.
Per a discussion off the list the $20 is, as mentioned, pretty much a
captcha and as the web site declares, an inoculation against "domain
tasting" or 10 for a dollar .cn domains. The thousands of names
registration isn't going to get through either ReturnPath or emailreg.org.
It takes time to run through the hoops in either case. And $20k is a whole
different ballpark for dollar expense than $200.
It's not bulletproof. But it's probably worth a small negative score to
allow legitimate emails a tiny bump. Their oddball DNS poll also may be
an inoculation against emails originating from a site's hacked systems.
In as much as one Aw Shit seems to wipe out 100 Brownie Points this may
provide legitimate small businesses a quick way out of the blocked status
once they clear up their infections, sort of like awarding Brownie Points
10 or more at a time.
{^_^}
Re: emailreg.org - pretty good white list
Posted by Sahil Tandon <sa...@tandon.net>.
On Sat, 12 Dec 2009, jdow wrote:
> From: "Marc Perkel" <ma...@perkel.com>
> Sent: Saturday, 2009/December/12 09:42
> >
> >Sahil Tandon wrote:
> >On Fri, 11 Dec 2009, Marc Perkel wrote:
> >
> > Been using emailreg.org for several months now and it seems like a
> >really good white list. Anyone else using it?
> >
> >Not here. They charge a $20.00 administrative fee per registered
> >domain, purportedly to prevent "domain tasters". This is odd, given
> >their own criticism of other fee-charging white listing services:
> >
> >"The business model behind other whitelisting services pushes e-mail into
> >a "paid" model. Senders pay to be included in the lists mentioned above.
> >Of course, commercial providers have an incentive to enforce their
> >policies (otherwise people would stop using them), but only potentially
> >"bad" senders have an incentive to make use of such paid services. But
> >for the typical receiver (ie you) they do not help to reduce the risk of
> >losing mail for the majority of e-mail senders (eg customers and
> >partners). It would be counter-intuitive to require all senders to pay
> >one of the third parties just to let email through."
> >
> >My comment wasn't about their policies. I'm just saying that as a
> >list user, which is free, it works well. Quite frankly I think the
> >$20 charge to get rid of tasters might be effective.
>
> Somehow I think $20 is chump change, tip change, for the real spammers.
> {^_^}
Precisely my point.
--
Sahil Tandon <sa...@tandon.net>
Re: emailreg.org - pretty good white list
Posted by jdow <jd...@earthlink.net>.
From: "Marc Perkel" <ma...@perkel.com>
Sent: Saturday, 2009/December/12 09:42
>
> Sahil Tandon wrote:
> On Fri, 11 Dec 2009, Marc Perkel wrote:
>
> Been using emailreg.org for several months now and it seems like a
> really good white list. Anyone else using it?
>
> Not here. They charge a $20.00 administrative fee per registered
> domain, purportedly to prevent "domain tasters". This is odd, given
> their own criticism of other fee-charging white listing services:
>
> "The business model behind other whitelisting services pushes e-mail into
> a "paid" model. Senders pay to be included in the lists mentioned above.
> Of course, commercial providers have an incentive to enforce their
> policies (otherwise people would stop using them), but only potentially
> "bad" senders have an incentive to make use of such paid services. But
> for the typical receiver (ie you) they do not help to reduce the risk of
> losing mail for the majority of e-mail senders (eg customers and
> partners). It would be counter-intuitive to require all senders to pay
> one of the third parties just to let email through."
>
> --
> Sahil Tandon <sa...@tandon.net>
>
>
> My comment wasn't about their policies. I'm just saying that as a list
> user, which is free, it works well. Quite frankly I think the $20 charge
> to get rid of tasters might be effective.
Somehow I think $20 is chump change, tip change, for the real spammers.
{^_^}
Re: emailreg.org - pretty good white list
Posted by Sahil Tandon <sa...@tandon.net>.
On Sat, 12 Dec 2009, Marc Perkel wrote:
[HTML snipped]
I'm thrilled that it works well for you; my note was for posterity and
other readers who might benefit from knowing about the odd inconsistency
I mentioned in my initial reply.
--
Sahil Tandon <sa...@tandon.net>
Re: emailreg.org - pretty good white list
Posted by Sahil Tandon <sa...@tandon.net>.
On Fri, 11 Dec 2009, Marc Perkel wrote:
> Been using emailreg.org for several months now and it seems like a
> really good white list. Anyone else using it?
Not here. They charge a $20.00 administrative fee per registered
domain, purportedly to prevent "domain tasters". This is odd, given
their own criticism of other fee-charging white listing services:
"The business model behind other whitelisting services pushes e-mail into
a "paid" model. Senders pay to be included in the lists mentioned above.
Of course, commercial providers have an incentive to enforce their
policies (otherwise people would stop using them), but only potentially
"bad" senders have an incentive to make use of such paid services. But
for the typical receiver (ie you) they do not help to reduce the risk of
losing mail for the majority of e-mail senders (eg customers and
partners). It would be counter-intuitive to require all senders to pay
one of the third parties just to let email through."
--
Sahil Tandon <sa...@tandon.net>