On Friday, September 10, 2004, 5:05:17 AM, Joe Wein wrote:
At the 85th percentile there were a few more:
automotivedigest.com chartshop.com ct002.com dakotaairparts.com hallogram.com infoaeroplan.ca investorsinsight.com processrequest.com sitepronews.com topachat.com
These are arguably false positives. What do we know about them. Should we whitelist or not whitelist any?
I checked for overlaps with my blacklists.
ct002.com goes with 123greetings.com, which is *not* blacklisted on SURBL.
I blacklisted ct002.com on September 3, 2004 when I found it in a spammy-looking mail from Raymond's spamfeed. It was less than a year old and here's what SA thought about the triggering message:
spam, SpamAssassin (score=15.844, required 5, BAYES_99 5.40, CLICK_BELOW 0.10, HTML_FONT_INVISIBLE 0.60, HTML_MESSAGE 0.10, MIME_HTML_ONLY 0.32, MSGID_FROM_MTA_HEADER 0.70, OUTBLAZE_URI_RBL 3.50, RATWARE_HASH_2_V2 1.62, WS_URI_RBL 3.50)
So obviously my listing wasn't the first one on SURBL. I can't rule out that the mail was solicited though.
Joe
Thanks for the checking and the feedback Joe! :-)
Does anyone have any info on the others?
Jeff C.