This is an interesting idea, but it could quickly fall into abuse.
Without some semblance of control over the list (And Tucows, being
a wholesaler, has no real visibility into fraud cases except
what's reported and assumed accurate) it would grow to such size
that no one on the Internet could purchase from OpenSRS Anti-Fraud
happy resellers ;)
Charles Daminato
TUCOWS Product Manager
chuck@tucows.com
On Sun, 1 Sep 2002, POWERHOUSE wrote:
> Maybe we should all make one, Tucows could host the file, call it bips.txt
> making it world writable, in a hidden place,
> that only the CURRENT resellers know about, then we could have the
> reg_system.cgi script use LWP to open the file,
> and check the IP's and if it's listed, then deny access, for fraud
> protection, and if it's not then it would continue as normal.
> On the other hand, if the user keeps trying, have the reg_system.cgi file
> keep track of usage by IP addresses, and if the
> script hits a certain requirement, then ADD the IP to the list, using LWP
> again. Since the Script would do it, it would be
> behind the scenes, therefore the customer would never even know.
>
> I think it may work. Another alternative would be to have the reg_system.cgi
> script emial a particular address, that tucows
> could setup, and have the email sent from within the script, so it's a
> hidden address, and can't be harvested, and have the
> format like this:
>
> to: ipban@whatever.com
> subject: IP being used for fraud
> body:
> ip=12.12.12.12
>
> Then have the email ipban@whatever.com being piped into a script that will
> take that IP and add it to the list of IP Addresses.
> That way it will stay updated, with current IP's that where being used in
> bad faith. Plus you could even have them fall off after
> 6 months, or so. A lot of ISP's are moving to Proxy systems, so it may not
> work as well as we hope, but it may cut down on some
> SERIES of fraudulent purchases.
>
> Just a thought.
> Richard.
>
>
> ----- Original Message -----
> From: "Charles Daminato" <chuck@tucows.com>
> To: "POWERHOUSE" <powerhouse@servicenterprises.com>
> Cc: "Mike Allen" <discusslist@4cheapdomains.net>; "discuss-list"
> <discuss-list@opensrs.org>
> Sent: Sunday, September 01, 2002 11:10 AM
> Subject: Re: IP's to Block...
>
>
> > This isn't an inappropriate list for this type of request
> > (actually, if you check the archives, it has been discussed before
> > - but the information is likely out of date).
> >
> > It would be interesting to know how our global partners feel about
> > this sort of practice to combat fraud.
> >
> > Charles Daminato
> > TUCOWS Product Manager
> > chuck@tucows.com
> >
> > On Sun, 1 Sep 2002, POWERHOUSE wrote:
> >
> > > I would not mind such a list either.
> > >
> > > Thanks.
> > > Richard.
> > >
> > > ----- Original Message -----
> > > From: Mike Allen
> > > To: discuss-list
> > > Sent: Sunday, September 01, 2002 10:13 AM
> > > Subject: OT: IP's to Block...
> > >
> > >
> > > Hi All,
> > >
> > > If anyone can lend some advice as to a good list of IP's to
> > > block from our domain sales servers, please notify me off list
> > > as I am probably going to be told this is not the proper list
> > > for this topic but I can not think of any other way to reach the
> > > OpenSRS friends in the world. We are receiving a LOT of bad
> > > credit card numbers lately and it is starting to get annoying
> > > ;o)
> > >
> > > --
> > > Mike Allen, 4CheapDomains.Net
> > > discusslist@4CheapDomains.Net
> > > http://www.4CheapDomains.Net
> > > Need Advertising? Try DeerSearch.Com http://www.DeerSearch.com
> > >
> >
> >
> >
>
>
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:37:26 EDT