As some of you may have read, I have set up an "unconfirmed" ("uc") list (or grey list), ready for submissions. It seems to me that there are at least a few active members of this list interested in giving this a shot.
Currently, I am the only one with access to the data, but this can easily be changed to include a small number of trusted individuals with an interest in helping out.
Here's how it works (and I'm putting this out as a starting point for discussion, not the gospel!)
1. When classifying domains for SURBL, continue to employ the same level of effort you do to find all domains worthy of blacklisting, and submit those to the usual sources.
2. For the domains that don't fit black lists or white lists, they *may* be candidates for uc. However, we only want to list domains in uc that are highly spammy, with only very small potential for legitimate use.
HOW TO SUBMIT: a) Chris Santerre has suggested domains for inclusion in uc be posted to the SURBL mailing list, and only be included after receiving a total of three votes. I'll go with that, and suggest using a Subject like "UC: domain.com" for easy spotting.
b) I'd also encourage submitters to email the submission address, uc@sasknow.com, with private submissions of one or more domains, one per line.
I'll handle private submissions in the same way as mailing list submissions; if I get three separate private submissions for the same domain (or maybe two, plus my own hand-checked vote), I'll list the domain in uc.
I'll track the number of unique submissions in the TXT field. I'd suggest whitelisting through the usual channels.
Suggestions (public or private) on the submission and inclusion criteria are most welcome. I've tried to capture the gist of what others have seemed to best agree on, but there is probably room for improvement. I can throw up a quick web site once things solidify a little.
Once the list grows to sufficient size (maybe 100-200 domains?), we should be able to get a good idea of the usefulness. Once that happens, it will probably be more obvious how public we should make the data.
- Ryan