How Spamhaus addresses DNS abuse

In this latest segment of the iQ video blog series, I conducted a wide ranging discussion with Carel Bitter, the Head of Data at Spamhaus. Carel is is part of the very fabric of The Spamhaus Project, having been with the organization for over a decade.

Topics include:

  • How is the Spamhaus Domain Block List (DBL) used?
  • How is the list compiled? How do you calculate it?
  • Comments on real data vs. fake data use trends.
  • Comments on measuring the effect of price vs. measuring # of abuse reports in new gTLDs vs. ccTLDs and legacy TLDs.
  • How can a TLD or registrar get off the “bad list”?
  • How can a registry, registrar, or registrant remove a specific name or bulk list of names from the DBL?
  • What about domains in the DBL where no evidence of spam is actually detected?
  • Any systematic way to provide a real time feedback loop on takedowns/serverHolds?
  • Why do some TLD or registrars suddendly appear and then disappear from the bad lists?
  • What about providing evidence? Is it possible to get email headers or other evidence with your reports?
  • What are some new attack vectors you are observing these days? What’s a “phishing rod” threat vs. a “phishing” threat?

I hope you find the inteview helpful to your operation. We all must continue to cooperate and share knowledge in the effort to fight DNS abuse.

Published by pinkybrand

I publish to three blogs. One (PinkysEye.com) is related to my lifelong interest in photography, video, travel, and telling stories. The second (PinkyBrand.com) addresses my experiences and opinions in the domain name industry, where I’ve spent the better part of the last 25 years at the registry and registrar levels. The third (iq.global/blog) shares knowledge and updates from iQ Global AS regarding cybersecurity, business intelligence, DNS abuse, DevOps and consulting for the domain name and hosting industries.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

<span>%d</span> bloggers like this: