On Thursday, December 30, 2004, 4:26:33 PM, Kevin McGrail wrote:
I think it's already been evaluated and decided against for a number of reasons. IIRC a major one was additional CPU time for diminishing returns. There are a lot more .somethings to check than http:// and www. Generally the behavior of MUAs is followed, where it makes sense to do so. Also there's a lot more spam with functional URIs than plain domains.
Besides the CPU time which I can agree, I would argue that subset of email with plain domains should be treated as it's own set.
Therefore, after SURBL is run against http:// and www, what is the hit ratio against the emails with plain domains? Perhaps running it as a second pass only if http:// and www aren't found would be generally good if the false positive rate isn't too high and just for .com/.net/.org/.info/.biz and any other TLDs that are recommended and readily abused.
To be honest I don't know the answer to that question. Perhaps one way to find out would be to write a SpamAssassin rule to look for plain domains, then look at the results for false positives, etc.
Jeff C. -- "If it appears in hams, then don't list it."