[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[dnswl-users] Experimental dnswl.org feature - Abuse Reporting


Hello DNSWL.org users,

Over the past couple of days, we started to implement a feature to get
feedback about spam (and other forms of abuse) from dnswl.org-listed
IP addresses.

The feature is still experimental, but we would like to get a handful
of you to test it out. It is currently a simple web form, but we plan
to add an SMTP option as soon as things have matured a bit.

Basically, there are four steps to the Abuse Reporting process:

1) The user (that would be you :) ) copy&pastes the raw mail source
into the web form. (Currently, you should also indicate the offending
IP, because the parser is very limited)
2) A regularly running script tries to add additional information to
your report - DNSWL Id, link to internally stored network ranges etc.
3) Editors review the reports and give three types of feedback:
** Is it really spam/abuse?
** Indicate what action has been taken (no action, rescore, delist, "other")
** And actually execute the action
4) The user (again, you!) can see the progress of each report in the
web form (for the last 20 or so reports).

Reports about IPs not listed in our DB may get deleted.

If you would like to participate in the trial phase, please send me an
email directly to matthias(at)leisi.net indicating your preferred
login name and I'll send you the login information.

In the trial phase, we would like to find out whether the process
works as intended, or where/how it would need to be adjusted.
Additionally, we would like to get an array of different Received:
header formats, so that the reporting can be better automated.

Thanks,
-- Matthias, for dnswl.org



Follow-Ups:
Re: [dnswl-users] Experimental dnswl.org feature - Abuse ReportingJost Krieger <Jost.Krieger+dnswl@xxxxxxxxxxxxxxxxxx>