Good evening, Jeff,
On Thu, 6 Jan 2005, Jeff Chan wrote:
On Thursday, January 6, 2005, 3:55:24 AM, Vincent Schonau wrote:
One of our users has reported a false positive on id294.securedata.net; securedata.net is listed in ws.
I see no sightings more recent than june 2004; and none for this specific subdomain.
The domain appears to belong to some sort of shopping-cart service-provider, but I'm unsure who (hostway?). They appear to assign distinct subdomains to distinct customers.
What's the policy on this type of thing?
To supply a full message I'll have to ask the customer for permission. I'd rather not send it to a publicly archived mailing list, however (customer data 'n all).
Generally we try to handle whitelist requests and false positive reports off list at whitelist at surbl dot org.
It's handy to get a copy of the ham, if possible. Perhaps you could send it to us for private review at the address above.
Since Bill Stearns is on this list we may want to ask him for input here since his data is the source for this listing:
black-wstearns-hand-checked:securedata.net
The spam in question had an image link to:
img src="https://id293.securedata.net/cgi-iwantitallonline/track.cgi?vid=...
I've removed it from the blacklist and placed it on the whitelist because of the FP. Cheers, - Bill
--------------------------------------------------------------------------- "Put down those Windows disks, Dave..." -- HAL -------------------------------------------------------------------------- William Stearns (wstearns@pobox.com). Mason, Buildkernel, freedups, p0f, rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org --------------------------------------------------------------------------