Discuss May 2005

discuss@lists.surbl.org

34 participants
64 discussions

RE: [SURBL-Discuss] newly registered domains
by Matthew Wilson 09 May '05

09 May '05

Why not integrate a whois date lookup directly into SURBL or URIBL? Design an encoding system whereby suspectedspammydomain.spammertld.dr.surbl.org (or uribl.com) would return the date somehow regex encoded in the IP address. Then write a nice SA rule that decodes it, also using regex. Are there any regex geniuses out there that could encode a date in an IP address? -Matthew > Well this has been brought up before. It is a very good idea, > however difficult to implement. … [View More]

1 0

RE: [SURBL-Discuss] newly registered domains
by Chris Santerre 09 May '05

09 May '05

>-----Original Message----- >From: Matthew Wilson [mailto:matthew@boomer.com] >Sent: Sunday, May 08, 2005 9:29 PM >To: Jeff Chan; SURBL Discussion list >Subject: [SURBL-Discuss] newly registered domains > > >Does anyone know of a SA rule to check how recently a domain name has >been registered? > >The various uri lookups catch the vast majority of spammy urls during >the day, but from 2-5 a.m. CST, my servers get hit with tons of spam >with urls that … [View More]

2 1

RE: [SURBL-Discuss] multi.surbl.org.rbldnsd Update Times
by Smith, Eric 09 May '05

09 May '05

When you say several times an hour, does that mean weekends and holidays also? /E. -----Original Message----- From: discuss-bounces(a)lists.surbl.org [mailto:discuss-bounces@lists.surbl.org] On Behalf Of Jeff Chan Sent: Sunday, May 08, 2005 11:01 AM To: SURBL Discussion list Subject: Re: [SURBL-Discuss] multi.surbl.org.rbldnsd Update Times On Sunday, May 8, 2005, 7:09:11 AM, Eric Smith wrote: > I'm sure this is dependent on the mirror we are pulling the zone from, but > how often is … [View More]

2 1

newly registered domains
by Matthew Wilson 09 May '05

09 May '05

Does anyone know of a SA rule to check how recently a domain name has been registered? The various uri lookups catch the vast majority of spammy urls during the day, but from 2-5 a.m. CST, my servers get hit with tons of spam with urls that aren't in SURBL yet. All of the domains are newly registered domains (registered in the past week or so). I know that the SARE ninjas have some private tools to do this kind of lookup for their feeds and manual lookups, but I'm wondering if this kind … [View More]

2 1

multi.surbl.org.rbldnsd Update Times
by Smith, Eric 08 May '05

08 May '05

I'm sure this is dependent on the mirror we are pulling the zone from, but how often is the source zone updated, and should we expect that mirrors update on a regular schedule around the clock? What I'm getting at is we are monitoring file changes to the zone file to ensure it's updating often, but as of Friday we have received no updates (I'm guessing because it doesn't get updated on the weekends). Is my assumption correct? Does the schedule vary by mirror? If so is there a mirror that … [View More]

2 1

RE: [SURBL-Discuss] SURBL Content
by Smith, Eric 08 May '05

08 May '05

XBL actually, very strange, I will check and follow up regarding it. /E. -----Original Message----- From: discuss-bounces(a)lists.surbl.org [mailto:discuss-bounces@lists.surbl.org] On Behalf Of Jeff Chan Sent: Friday, May 06, 2005 11:34 PM To: SURBL Discussion list Subject: Re: [SURBL-Discuss] SURBL Content On Friday, May 6, 2005, 5:59:15 PM, Eric Smith wrote: > This morning we received a huge blast from a spammer that spamhaus.org > identified properly but multi.surbl.org.rbldnsd didn'… [View More]

1 0

False Positive on AB_URI_RBL
by wolfgang 07 May '05

07 May '05

Hi, ab.surbl.org created a FP here today. The URI in question www dot teleflora dot com was in the ad part of a yahoogroups mail, in the part of the message that is automatically added by yahoo. please consider removing the URI to prevent false positives. regards, wolfgang

2 1

RE: [SURBL-Discuss] SURBL Content
by Smith, Eric 07 May '05

07 May '05

This morning we received a huge blast from a spammer that spamhaus.org identified properly but multi.surbl.org.rbldnsd didn't :( Just checking though :) Eric -----Original Message----- From: discuss-bounces(a)lists.surbl.org [mailto:discuss-bounces@lists.surbl.org] On Behalf Of Jeff Chan Sent: Friday, May 06, 2005 8:03 PM To: discuss(a)lists.surbl.org Subject: Re: [SURBL-Discuss] SURBL Content On Friday, May 6, 2005, 10:57:25 AM, Eric Smith wrote: > Quick question regarding multi.surbl.… [View More]

2 1

SURBL Content
by Smith, Eric 07 May '05

07 May '05

Quick question regarding multi.surbl.org.rbldnsd; the list of content for this file (i.e. sc.surbl.org, ws.surbl.org, etc) on the surbl.org website is all inclusive correct? Does multi.surbl.org.rbldnsd contain anything from spamhaus.org or any other content providers? Thanks, Eric Smith

2 1

RE: registrar boundary inconsistencies
by Chris Santerre 06 May '05

06 May '05

>-----Original Message----- >From: Daniel Quinlan [mailto:quinlan@pathname.com] >Sent: Thursday, May 05, 2005 1:19 AM >To: discuss(a)lists.surbl.org >Cc: jeffc(a)surbl.org; dev(a)spamassassin.apache.org >Subject: registrar boundary inconsistencies > > >I ran SURBL (well, a copy a few weeks old) through the split_domains() >function in SpamAssassin to see which listings contained both a >host+domain rather than just domain from the perspective of >SpamAssassin.… [View More]

5 6

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss May 2005