Hi Brandon, At 09:31 12-05-2006, Brandon Hutchinson wrote:
Since I don't think including subdomains in SURBL zone data does any good with SpamAssassin's URIDNSBL implementation, I was just wondering what else people are using to look up URIs in SURBL. Other sendmail milters that do not use
I use a milter.
Using the "www.freecat.biz" example: assuming this is a phishing domain, would also including "freecat.biz" in SURBL be a bad idea? Are there cases where we should "trust" the base domain even when a subdomain is used in a phishing email?
You would look up freecat.biz in the above example. See http://www.surbl.org/implementation.html for implementation guidelines. If it is a phishing email, I would not trust the base domain. A whitelist is also required.
Regards, -sm