Jeff Chan wrote:
On Thursday, December 30, 2004, 4:26:33 PM, Kevin McGrail wrote:
I think it's already been evaluated and decided against for a number of reasons. IIRC a major one was additional CPU time for diminishing returns. There are a lot more .somethings to check than http:// and www. Generally the behavior of MUAs is followed, where it makes sense to do so. Also there's a lot more spam with functional URIs than plain domains.
Besides the CPU time which I can agree, I would argue that subset of email with plain domains should be treated as it's own set.
Therefore, after SURBL is run against http:// and www, what is the hit ratio against the emails with plain domains? Perhaps running it as a second pass only if http:// and www aren't found would be generally good if the false positive rate isn't too high and just for .com/.net/.org/.info/.biz and any other TLDs that are recommended and readily abused.
To be honest I don't know the answer to that question. Perhaps one way to find out would be to write a SpamAssassin rule to look for plain domains, then look at the results for false positives, etc.
I've tried this at my filter and removed some time later.
From my experience, the results tends to be more increase the false positive rate and handling time than the detection rate.
The number of spams you'll catch isn't worthwhile.
Main goal of spammers is to directly show the contents of some web page without asking recipients to cut and paste some URL.
Jose-Marcio
Jeff C.
"If it appears in hams, then don't list it."
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss