From jeffc@surbl.org Fri Dec  3 02:39:21 2004
From: Jeff Chan <jeffc@surbl.org>
To: discuss@lists.surbl.org
Subject: Re: [SURBL-Discuss] Discuss: WAS:  SURBL+ Checker Submission
Date: Thu, 02 Dec 2004 17:38:55 -0800
Message-ID: <1967819715.20041202173855@surbl.org>
In-Reply-To: <Pine.HPX.4.58.0412021605080.27698@d-is00.icaen.uiowa.edu>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3835001318289771275=="

--===============3835001318289771275==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit

On Thursday, December 2, 2004, 2:10:29 PM, David Funk wrote:
> On Thu, 2 Dec 2004, Chris Santerre wrote:

>> I stripped the header for this discussion. Is this a spam domain or an
>> attempt to poison SURBL. It is obviously a spam, but is domain bogus?
>>
>> >-----Original Message-----
>> *SNIP*
>>
> [snip..]
>> >href=3D"http://hesatosser.com.info/?wid=3D100005">H=
>> >ERE</a><br><br>
> [snip..]
>> ><a href=3D"http://hesatosser.com.info/?wid=3D100005">
>> >Get it now
> [snip..]
>> > href=3D"http://http://hesatosser.com.com/nomore.html">Go
>> >here</a> to stop=

> Neither, it's broken spam-ware. The actual pill-spam-site
> is "hesatosser .com" (which is listed in SURBL ;).

I agree.  Probably user error in using spamware, or coding
problems in it.

> "*.com.com" is a valid domain name, belongs to CNet, clearly
> not spam. "*.com.info" isn't even a valid domain at all.

Yep, and com.com and most other cnet domains we could find
are already whitelisted.

Jeff C.
--
"If it appears in hams, then don't list it."


--===============3835001318289771275==--