#blocklists — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #blocklists, aggregated by home.social.
-
The update you have been waiting for:
"Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off?" https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)
now has the complete 2025 data in place. #openbsd #spamd #greytrapping #spam #antispam #cybercrime #spamtraps #blocklists
-
The update you have been waiting for:
"Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off?" https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)
now has the complete 2025 data in place. #openbsd #spamd #greytrapping #spam #antispam #cybercrime #spamtraps #blocklists
-
The update you have been waiting for:
"Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off?" https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)
now has the complete 2025 data in place. #openbsd #spamd #greytrapping #spam #antispam #cybercrime #spamtraps #blocklists
-
The update you have been waiting for:
"Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off?" https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)
now has the complete 2025 data in place. #openbsd #spamd #greytrapping #spam #antispam #cybercrime #spamtraps #blocklists
-
The update you have been waiting for:
"Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off?" https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)
now has the complete 2025 data in place. #openbsd #spamd #greytrapping #spam #antispam #cybercrime #spamtraps #blocklists
-
With the source(s) offline, there's no way to confirm anything against the originals or even alert the author that there are issues.
So... if you are using updatable #blocklists collected from #3rdParty sources and you're seeing issues that may be associated with DNS validation, it would be a good time to verify your sources... and that they haven't been compromised.
/fin
-
2/?
The quick fix was to reset the network to point to #Quad9 as a temporary DNS default.
After digging back in a day later, it seems there are multiple points of failure, all beginning on July 31st at 5:32am, and it includes what I'd call #poisoned #blocklists.
My DNS updates its internal cached list from external sources every 2 hours. Blocking reports showed at least 3 separate lists that were tainted, and all were coming from ente(dot)dev.
-
The long version of why you need key authentication for your SSH servers - "The Hail Mary Cloud and the lessons learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html #ssh #keys #passwordgroping #unix #linux #openbsd #freebsd #pf #packetfilter #statetracking #blocklists #cybercrime #hacking
Also, The 4th edition of the Book of PF is coming soon: https://nxdomain.no/~peter/yes_the_book_of_pf_4th_ed_is_coming.html
-
Following up on previous, the LinkedIn discussion revealed that there are people who have not heard about greylisting.
So here is my 2012 piece with updates, "In The Name Of Sane Email: Setting Up OpenBSD's spamd(8) With Secondary MXes In Play - A Full Recipe" https://nxdomain.no/~peter/in_the_name_of_sane_email.html
#spamd #antispam #spamd.conf #OpenBSD #blocklists #blacklists #greytrapping #greylisting #spam
-
The Fediverse, a network of independently run servers using the ActivityPub protocol, is #segmented by #serverblocks.
🚧 These #blocks, often based on imported #blocklists, create #echochambers and hinder message threads.
🏔️ While #decentralisation is a goal, the Fediverse’s current state, with heavy-handed #moderation and #serverblocking, undermines this principle.
👉 https://battlepenguin.com/tech/the-broken-fediverse?Fedizen.EU #Fedizen #Fediverse #ActivityPub #News
-
Should I Stop Caring and Let IP Address Reputation Sort Them Out? https://nxdomain.no/~peter/should_i_stop_caring_and_let_ip_reputation_sort_them_out.html
How long does data on misbehaving hosts on the Internet stay relevant in an IP Address Reputation context?
Link to poll within (on for a week, 4 days left, please *do* vote).
#security #passwordguessing #antispam #sshgropers #pop3gropers #blacklists #blocklists #bruteforcers #spam #cybercrime #ipreputation
(repost for the CET-ish crowd, some still in holiday mode, and with graphics of sorts added)
-
@Kevin Karhan :verified: To quote Arthur C. Clarke:Any sufficiently advanced technology is indistinguishable from magic.
And for your average Musk escapees, Mastodon alone is more than sufficiently advanced. These people believe that there's some magic going on that makes their fully public posts private and secure regardless. They want perfect security, but with zero inconvenience, and they think Mastodon provides them with exactly this.
In fact, they expect Mastodon to be an absolutely perfectly safe haven, simply because it isn't a corporate silo. Little do they know how close to being a corporate silo Mastodon is, what with having a US-based company and a lighthouse instance that accounts for 22% of the whole Fediverse in terms of MAUs.
On top of that, more than half of all Mastodon users think the Fediverse is only Mastodon, and most of the rest can't imagine that anything in the Fediverse could possibly have features that Mastodon doesn't have. Not unless you slap them right into their faces like character limits over 500.
They cling hard to and rely on an imagination of the Fediverse that has never even been close to reality and never will.
As for The Bad Space, its blocklist looks like it's curated not by evidence, but by emotional triggers. Generally, some blocklists go so wild that you have to ask yourself whether the reason why nobody has tried to block out everything that isn't vanilla Mastodon is because that'd be too big an effort (two out of three Fediverse instances aren't Mastodon), or whether such people simply don't know how far the Fediverse extends beyond Mastodon, so they don't know what to block. I mean, there should be reasons enough to block everything that isn't Mastodon.
Blocklist import from other instances doesn't make things any better. Just like on all networks where everyone can run a server, the Fediverse, especially Mastodon, has got admins who really shouldn't run a server. It looks very tempting to pick blocklists by length rather than content, the longer, the more "secure", import a bunch of them, but not curate them because that'd be extra effort.
In this light, it's a good thing that Oliphant put the tier-1 to tier-3 blocklists onto the chopping block when switching from manual list curation to automated list aggregation a while ago. Especially tier 3 would have been easy to exploit with little to no curation, and there certainly were enough sufficiently paranoid Mastodon admins who'd subscribe to tier 3 without ever taking a single peek at the list.
Sometimes I feel like going to Mastodon's GitHub repository and submitting blocking or allowing entire Fediverse server applications by user agent, both for admins and for users, as a feature request, just to see what'll happen. Maybe dumbed down on the user side to a switch that blocks everything that isn't Mastodon. But maybe I should also mention that (streams) already has this feature on the admin side so that the Mastodon devs have to think up a way to sell this as invented by Mastodon.
#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Mastodon #NotOnlyMastodon #FediverseIsNotMastodon #MastodonIsNotTheFediverse #Blocklist #Blocklists #BlocklistMeta #CWBlocklistMeta -
📹 Ep 9."Blockbusters: Five essential steps for every ESP to avoid blocklists."
📅 Sept 18th | 10am EST | 4pm CET📢 Join @[email protected] Melinda Plemel LIVE with Lauren Meyer from @socketlabs and learn how to stay off IP and domain blocklists.
Got a question on this topic? Submit it in the comments below.
Watch the LinkedIn Live here 👇
https://www.linkedin.com/events/7229469482753167361/comments/ -
📢 ESPs! Join Lauren Meyer from @socketlabs and Melinda Plemel from @spamhaustech Technology LIVE! 🤩
Topic: Blockbusters: Five essential steps for every ESP to avoid blocklists.
Date & Time: Wednesday, September 18th, 11am EDT
Join here: [https://www.linkedin.com/events/7229469482753167361/Mark your calendars now for this must-see LinkedIn Live! 🍿✨
-
❗REMINDER | Abuse desks, Trust & Safety Teams and Senders!
Later this month Spamhaus Blocklist (SBL) listings will be moving from www.spamhaus.org to the Spamhaus IP and Domain Reputation Checker:
check.spamhaus.org
Make you know how listing notifications will change and where to view SBL listings - learn more here 👇
https://www.spamhaus.org/news/article/825/spamhaus-blocklist-sbl-listings-are-moving -
I realized just now that the previous had an important reference that needed to be made trackerless, so "DDOS Bots Are People! (Or Manned By Some, At Least)" is now available as https://nxdomain.no/~peter/ddos-bots-are-people-or-manned-by-some.html #UDP #OpenBSD #blacklists #blocklists #DNS #blackhole #routing #ethics #netflow #security #monitoring #PF #nfsen #DDOS #attack
-
@StartpageSearch
There are two caveats to the above to be mindful of.1. Unfortunately CloudFlare is used by #Visa last we checked but Visa have a bespoke setup that negates the need for the aforementioned '#CFRay'.
2. Be mindful that the #UBlock addon fetches all its #blockLists from CloudFlare. May be reason for not blocking or warning of the #MITMAttack, and why BCMA #addon is neccessary.
Don't trust BCMA.xpi? — Convert the #XPI to a #ZIP file and read the code.
https://notabug.org/dCF/deCloudflare/src/master/subfiles/about.bcma.md
