In this latest segment of the iQ video blog series, I conducted a wide ranging discussion with Carel Bitter, the Head of Data at Spamhaus. Carel is is part of the very fabric of The Spamhaus Project, having been with the organization for over a decade.
Topics include:
- How is the Spamhaus Domain Block List (DBL) used?
- How is the list compiled? How do you calculate it?
- Comments on real data vs. fake data use trends.
- Comments on measuring the effect of price vs. measuring # of abuse reports in new gTLDs vs. ccTLDs and legacy TLDs.
- How can a TLD or registrar get off the “bad list”?
- How can a registry, registrar, or registrant remove a specific name or bulk list of names from the DBL?
- What about domains in the DBL where no evidence of spam is actually detected?
- Any systematic way to provide a real time feedback loop on takedowns/serverHolds?
- Why do some TLD or registrars suddendly appear and then disappear from the bad lists?
- What about providing evidence? Is it possible to get email headers or other evidence with your reports?
- What are some new attack vectors you are observing these days? What’s a “phishing rod” threat vs. a “phishing” threat?
I hope you find the inteview helpful to your operation. We all must continue to cooperate and share knowledge in the effort to fight DNS abuse.