Jeff Chan wrote:
Maybe you could forward one to me off list and explain how you think they got your address.
It's the same idea as in any C/R system: The spammer forges an almost arbitrary MAIL FROM for his stuff. The challenge goes to the MAIL FROM, e.g.
http://www.spamcop.net/sc?id=z554014790zc260cd9fdfc657ecb5cd7e70a6026bf1z&action=display
Following this link you see the complete spamarrest challenge incl. the link to their "webmaster affiliate program". Their business model is to sell "spam filtered" addresses, where the filtering is done by the innocent bystanders (= forged address in the spam).
They may be one of those gray domains that we might not want blocking on.
Why should you want to support a commercial C/R system ? It's just UBE asking third parties (forged addresses) to filter the spam for their customers. If you find spamarrest.com in the SC data then that's no "error", therefore it should be reflected in sc.surbl.org
vague criteria like "publicly listed, subject to laws".
Actually it's pretty specific and not vague.
It's very vague, whose and which laws, resp. which lists ? In the case of sc.surbl.org the relevant rules are the SC rules. Of course you could remove (= whitelist) obvious errors like links to BBC reports in 419 spam. When you see a JoeJob or other cases of innocent bystanders that would be specific.
pfizer.com is whitelisted
Bad idea. Big companies do spam from time to time, in the past because they were ignorants, and today because shit happens.
(Nor are we attempting to whitelist CAN-SPAM activity; generally we let the data speak for itself.)
ACK, that's what I want, with minimal manual interventions to catch errors, JoeJobs, and innocent bystanders. Bye, Frank