Michele Neylon :: Blacknight Solutions a écrit :
Peter Bowyer wrote:
On 09/08/06, Eric Montréal erv@mailpeers.net wrote:
also, since most legitimate mailing lists are to recipients in close geographic proximity,
Legitimate mailing lists would include this one, the SA users list and numerous industry lists covering every possible topic from linguistics to engineering and marketing.
I get mail from Microsoft that they send to all their partners worldwide.
Maybe "geographic proximity" is relative to the size of the universe?
Looks like something else is the size of the universe ...
Major lists whose distribution is to as many different servers as a spam run have little chance to be sent from a domain listed in surbl.
When was the last time Microsoft got listed in surbl ?
Smaller lists might end up being sent from a false positive domain and the idea is that surbl test pattern (queries/minutes, burst/continuous, historical comparisons, geolocation and perhaps other metrics) should allow to differentiate between such a list and a spam run.
An antispam service such as surbl does have a far more complete picture on a global scale than anyone operating some mail servers. The access pattern such a service will see is mirroring major spam runs, and this could be exploited. That was the basic idea.