I saw a post on NANAE over the weekend about surbl and it looks like one of the best ideas I've seen.
Almost every spam mail I get contains a spamvertized domain, so with good data this method has the potential to block nearly 100% of spam.
Spamvertized domains are an essential resource for spammers and are usually longer lived then the abused servers used to send out spam runs.
I've set up SpamAssassin and SpamCopURI. I've checked the emails which are not being picked up by surbl and there is a recurring pattern: 1) Redirects 2) Obfuscated urls
For example, this was not picked up. <a href=http://drs.yahoo.com/higherillomened./mensuraltalk/*%68ttp://enginery.s hopinternetbuy.biz/%75n%73ub.html target=_blank>
shopinternetbuy.biz is in sc.surbl.org.
The logic of the parsing engine needs to be enhanced to deal with these cases. This is probably only the start, because spammers will find other ways to get around surbl once it starts being used widely.
I'd offer to look at it, but I wouldn't know where to start with perl.
John