On Monday, September 13, 2004, 7:45:44 AM, Frank Ellermann wrote:
Jeff Chan wrote:
- If a hosting company is legitimate, they will kick out any spammers using subdomains under their parent domain.
Some hosters needed a clue by four. Did I mention tripod.cl ? Or terra.es ? At the moment new domains are state of the art (if spamming is an art), but that will change.
Terra.es definitely kicks spammers. I've seen them do it.
[joke-of-the-domain spam]
Yes, collateral damage is easily avoided. Don't list them.
That _is_ a collateral damage for the recipients of this spam, those who never solicited it and don't want it. If you refuse to list spammers only because some other users might exist who want this crap, then you hurt all users who don't want it.
And vice versa. In that conflict of interests it's not the job of SURBL to protect spammers, but to protect the victims.
People who's legitimate messages are blocked due to over-inclusive blocklists are also victims. But they are *victims caused by **our** actions*, not by the spammers. We should NOT ***CAUSE*** VICTIMS.
We need to be like doctors: do no harm. If we let through a few spams, that's much better than blocking someone's legitimate mail.
I think many people do not understand that, and that is a definite problem.
If we cause FPs, we are doing more harm than good.
It's better to let a couple spams through than for our tools to ***cause*** harm to people. We should not **create** victims by having FPs.
Should we ***block everyone else's use*** of the Joke of the day domain?
If this joke-of-the-day is reported often enough via SpamCop as spam, then it should be listed in SC.surbl.org. Otherwise you would censor the SC input data for personal reasons, and that would be wrong.
You should only play god if you're absolutely sure that SC and the SC users screwed up (and this will happen, the spammers try it again and again). SC is only a script, it can't think.
If the SC users are trying to list messages as spams that other people consider hams, then they have screwed up. We reserve the right to correct their mistake. Mistakes do happen occasionally.
Remember, the goal is to include domains that *only appear in spams*, and to exclude domains that appear in hams. I think that's very clear and simple, not at all obscure. :-)
The goal for SC.surbl.org is to list spamvertized domains, and to identify spam based on the listed domains. It's perfectly neutral, not "some users really want a mortgage from this bank" or similar excuses.
We are trying to make lists that do not have false positives. A list that has no false positives will probably miss a few spams. It's MUCH better to miss a few spams than to block someone's legitimate mail due to false positives.
Real banks don't send mortgage spams. Real banks don't use zombies. Have you ever gotten a Viagra spam from Pfizer? I haven't.
If we include every domain that anyone has ever considered spam, our data will be too full of false positives for other people to use it.
That's why you have technical rules for the SC input data, it's not "anyone", but substantiated facts reflecting SC reports.
SC users are sometimes wrong. They are not perfect. They sometimes try to report sites that have legitimate uses.
It would be a lie if you exclude spamvertized domains for only personal reasons. Sometimes "legit" companies really are so stupid to spamvertize their own domain directly, and then they should be listed if the required number of SC users says so.
Bye, Frank
It's not "personal reasons" if other people use a domain legitimately. That's highly impersonal reasons. We don't need to know any of the legitimate users, to want to protect them from incorrect blocking.
Lots of spams come out of topica or lyris. Should we block them? Of course not. The legitimate uses outweigh any spams abusers can send out before they are shut down. Yes they are a source of some spam, but blocking them would cause more harm than good.
I think if you're not understanding this point, there's not much reason to debate it further.
Jeff C.