Jeff Chan wrote to SURBL Discussion list:
It was logical for SURBLs to be used with SpamAssassin because SA provides a nice framework of message parsing, URI extraction, mail program interfaces, etc. but SURBLs can be used directly with MTAs and other mail-handling, spam-blocking programs. In those cases the classifications need to be extremely accurate. False positives are the largest obstacle to that use and so they need to be reduced.
Instead of finding ways to collect greylists full of questionable domains, we should be trying to find ways to improve the quality of the existing lists. That's where the most important and valuable progress can be made.
Nobody, and I mean *nobody* has suggested that our "unconfirmed" list be used to block *anything*. It seems like you're saying that the mere existence of such a list would completely undermine the entire SURBL effort. Despite your mostly well-placed arguments (which I did read and ponder), I don't believe you.
We're talking about two different things. You see SURBL in narrow terms; a list of definitely spammy domains. Others are suggesting that SURBL could be further augmented by including (as a completely separate list) domains with slightly less (collective) certainty.
You point out the differences between SA and SURBL. We're aware of them. Many, *many* people use SA, and will continue to do so, in conjunction with SURBL. For weighted-rule classifiers like SA, having "grey" data which can be scored appropriately further *increases* the accuracy of the overall filter. A domain greylist would therefore be a useful spam fighting tool.
Now, I gather that you think an unconfirmed or grey list would be a "distraction" to SURBL. I'm sorry you feel this way, simply because I believe a uc list would be a very close fit *with* SURBL, and that each project could benefit from mutual support.
UC could benefit from the public presence and established framework SURBL already has. SURBL could benefit from UC as an input data source, and, given some of the rough submission and checking criteria proposed by others and myself, domains from the grey list would very often bubble up to one of the "black" SURBLs with a *higher* degree of certainty than some of the other submissions hand-checked by one or two people.
So, I'd like to see uc as part of the SURBL effort. We don't need any more acronyms. IMHO, acronyms are a PITA, but YMMV. I'm not interested in flogging this poor little thread to death, fighting for the legitimacy of one new list against speculation. The only thing worse than statistics are pre-supposed statistics, especially when they're used in an attempt to dismiss what might be a really good idea.
"Edison! What in blue blazes are you doing with that wire?" "I'm coiling it up to make a new kind of light!" "Poppycock! We need to focus on making better candles, or light will suffer!"
OK, so that's a bit of a dramatization. ;-) We *do* still use candles today. Their purpose has shifted a bit, and, for the most part, they've improved. Mostly, they smell better.
What I'd really like to see is a proof-of-concept uc list with at least a thousand domains in total, submitted from a few different people, so we can take a look at our test data and decide whether we:
a) hit the nail on the head, and continue as-is, b) need to do more work, and tighten the submission guidelines, or c) came up with a really dumb idea, and scrap the list altogether.
We're starting to repeat ourselves in this thread a little bit (myself included), so I need a short break from the discussion. :-)
uc@sasknow.com is open for submissions! I'll post another mail (in a new thread) with some more information for anybody who'd like to participate in the test.
- Ryan