Jump to content

Plaintext web based report we can retrieve regularly


Recommended Posts

Posted

Hello Spamcop,

We are currently working with a security organization used by many major hosting providers in the US and UK. They have a system in place so that many providers can check regularly either manually or using automated tools to see IP addresses that are being used maliciously and what it is the have been reported or detected doing. We can then take whatever action necessary for each of the different types. Anything from notifying the server owner that a problem may exist or null routing the IP address automatically and flagging the issue for a staff member to deal with (like terminate the client or help them with their security problem).

Is there any chance that SpamCop can institute, even password protected using .htaccess style logins, a listing of problem IP addresses for each ASN or something similar?

Something like a list at, for example, http://www.spamcop.net/current/summary_report.php:

10.231.227.45  2007-04-04 10:41 Trap-10 Mole-0 User-1 Simp-0
10.85.54.231  2007-04-04 09:41 Trap-0 Mole-0 User-23 Simp-0

The content of that report would be different depending on who logged in to the protected page. Or perhaps you could share your data with this security organization so that they can include it in their reports?

Posted

Your 'summary' page is based on a cookie/password login, so useless for anyone else to 'look at' from here.

The samples offered are bogus IP addresses.

What would really be something to discuss here would be exactly why SpamCop.net reports would not be sufficient to indicate an on-going issue with spew from an IP address.

Asking about interfacing with 'unknown entities' surely isn't going to get much discussion, much less specific answers. Reading the FAQ entry about ISP accounts (especially those links found 'here' and in the Wiki would indicate that just aboput anyone can sign up for those summary reports for any range of IP addresses ... in fact, there have been a coule of idiots that managed to ask for the whole of the IP4 address range, then of course complaining about the data returns ....

Is the actual question more along the lines of "Why am I not receiving Reports from SpamCop.net?" ....

Perhaps something to do with spamtrap hits? (which is yet another whole issue)

Again, the question raised here is that if receiving reports directly isn't sufficient, what makes the additional third-party security outfits/actions any more indictive of an on-going spew problem?

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...