On Saturday, July 17, 2004, 5:26:35 PM, Frank Ellermann wrote:
Jeff Chan wrote:
that could easily lead to false positives
There are no "false positives".
Yes, there could be. If I mention http://www.spamarrest.com/ in my message, and spamarrest.com is in a SURBL, then my message could get blocked. Similarly any other legitimate mentions of spamarrests web site, including saying "it's a bad company," or "I use their services," or "I'm filing a complaint against them," for examples, could get legitimate messages blocked. That is a classic false positive.
Please remember the URI (message body) false positives are really in a different category than sender IP or sender domain (message header/envelope) false positives. If an end user IP address or ISP mail server domain is listed in a conventional RBL, the effect is limited to that IP or sender domain. If a URI is listed in a SURBL, the effect could be as large as blocking all messages that happen to mention that URI, which is potentially much larger in scope. The potential for wide-reaching false positives is much greater with a SURBL than an envelope RBL.
The spamarrest challenges are spam, triggered by spam to spamarrest customers, and sent to the forged addresses in the original spam. Spamarrest.com is only interested to sell more of their snake oil, and as far as I'm concerned it's a criminal organization.
Complete with "webmaster affiliate program", exactly the same kind of marketing you find in XXX sites. Only the "product" is different, it's "spam filtering". The real work is not done by spamarrest, it's done by my ISP and me (for all forged @xyzzy addresses), or by your ISP and you (for all forged @surbl.org addresses), etc.
Spamarrest.com "sells" your and my bandwidth + harddisk space
- time. There are no "legitimate users" or "false positives",
it's theft.
All of which is probably true, but not entirely relevant to the question of inclusion, especially when you agree spamarrest is not originating the messages purely themselves. A better answer may be that they have an abuse problem and should fix it.
Since spamarrest appears to be a legitimate company, I'd recommend reporting your spams to the relevant state and national governments' anti-spam folks. That should encourage spamarrest to fix their problems. Here are the Washington state and U.S. government reporting sites:
http://www.atg.wa.gov/junkemail/
https://rn.ftc.gov/pls/dod/wsolcq$.startup?Z_ORG_CODE=PU01
their design is broken, but having a broken design is not enough reason to list them.
It's not only "broken", it's fraudulent. It's no free service, their users pay for this design, and what they really pay for are _our_ resources.
See also http://openrbl.org/ip/66/150/163/156.htm for other BL entries for the IP [66.150.163.156] in my example.
As I said, our standards for inclusion are significantly higher than for conventional RBLs, because URI blocking is potentially much broader in scope. We really can't have every domain that's ever been abused a few times or caused someone to be annoyed in the lists, even if that would be fine for a personal policy, since doing so could quickly make the lists unusable for too many people.
The informal rule should be: if a given domain has any legitimate mentions in message body URIs, then it probably should not be listed.
Jeff C.