If I were a spammer monitoring this list's traffic (there
have got to be
some), I would buy up a bunch of domains that were registered a few years ago but expired, throw up a bunch of bogus
"legitimate looking"
content,
yep, the google-spammers are doing that already.
send out a bunch of spam using those "legitimate" domain names, and then complain to Jeff et al. that SURBL is generating false positives. According to current policies, my sites would be whitelisted, "yay!".
this is a possible problem, alright. But as far as I can see Jeff has been saying to *check* the possible false positive domains, not to just blindly whitelist them.
And this exposes a serious problem with the current SURBL design. If I can manage to host one legitimate page in one subdomain and have 100 other subdomains that are purely for spam, you can't list me as a spammer.
Maybe we need to rethink this only listing root domains thing. Maybe we could use an address to mean "check next level" and have the plugin add the next subdomain level and check that. It would increase traffic, but only for those domains where you need subdomain checking.
Certainly it would be better than ignoring a major spammer host just because a newsletter referred to some code on one page in one subdomain.
Bret