Hi!
Perhaps some kind person could write a reporting function in SpamAssassin for this?
Hmm, perhaps if we could extract *all* URI domains from messages sent through XBLed senders then prioritize those say by frequency of appearance, we could create a new SURBL list of spamvertised domains sent through exploited hosts. That would pretty directly address the use of zombies, etc. and put a penalty on using them to advertise sites through them. Even with volume weighting such a list of sites could be attacked by major joe job unless we took additional countermeasures, but does anyone else think this might be a useful type of data source for SURBLs?
Jeff, please stop. ;)
If i polute domains to those spamtraps i get them inside a RBL? Then i wonder why we dont list the domain i am trying to get sorted out some time now.
Spamtraps are bad news if you use them 1:1, you need to parse out a LOT, did you run poluted spamtraps? I have been running two proxypots, i still might have some tars, and most of it was really useless. What more helps is a wider coverage. I rather see some automated system like spamcop setup, so people can report, and we auto parse it with Joe's tool for example. With a larger footprint we also get spam earlier. Its not like they first send to the spamtraps and then to 'real'users alone.
I understand you want to cover new area's but please dont rely on other RBL's too much, i think waiting with own checks does much more in the end. IF SBL picks it up we can pick it up faster. But we also want to pickup ones NOT listed by any RBL do we ?
Bye, Raymond.