----- Original Message ----- From: "Jeff Chan" jeffc@surbl.org
Yes you don't need the post the entire link, just the relevant parts of it, specificially the fully qualified domain name of the URI. I got it from your off list message as:
http://bsl.omessage-MUNGED.com/unsubscribe/u.html?%5Bdeleted]
Which resolves to:
Name: bsl.omessage.com Address: 204.180.130.204
That block is a Sprint /24:
Omeda Communications FON-34343818247975 (NET-204-180-130-0-1) 204.180.130.0 - 204.180.130.255
Some of Omeda's NANAS sightings were sent from addresses in this same block, some from others:
209.228.32.60 loadmaster.omessage.com (65.216.70.15) (blaster2.omessage.com [204.180.130.222]) blaster2.omessage.com ::ffff:204.180.130.222 loadmaster.omessage.com ([65.216.73.33]) (blaster2.omessage.com[204.180.130.222]) loadmaster.omessage.com ([65.216.70.15]) (blaster1.omessage.com [204.180.130.221])
None of those IP addresses is listed in SBL or XBL. If they were a true spamhaus I would assume they would have been caught by now. And if they were a hard core spammer they'd probably use zombies to send their mail, and not mail servers on blocks registered to them, with reverse DNS entries set up resolving to their domain, etc.
Therefore I am whitelisting:
omeda.com omessage.com
And asking Outblaze to consider doing likewise.
Why should anyone be required to give any proof?
Sometimes the topic of whitelisting is controversial, so it's good to share research so we can understand the reasons for whitelisting. For example if you had already done this research and shared it, then less time would be wasted on duplicated efforts.
If you want specific data to prove a false positive, then put together a template and post it on the SURBL web site for all to follow.
Bill