Please start testing:
ob.surbl.org
on your low-volume mail servers. Currently it's hosted only on a few name servers, so please don't put it into production on any high volume mail servers yet.
We are particularly interested in hearing your False Positive rates.
If the testing is successful we will ask the rest of our name servers to carry it, document it, announce it, etc.
This list has about 40k domains on it. We still looking for ways to prune it down, for example by expiring domains that no longer resolve. If someone had a reliable master list of expired domains, that could be very helpful.
The data for this list is kindly supplied by Outblaze, and they use it internally for blocking spams. Here is how Yusuf Goolamabbas describes the data sources: __
We gather the domains 4 different ways:
1) spam complaints that have been handled by a human (postmaster/abuse/support people who actually see the spam).
for the next 3, "new" is defined as: Whois reports the domain as newly registered(registered within last 90 days)
2) crawling thru our undeliverable outbound queues. When we get spam from a domain (mailFrom), some bounces are generated. These bounces are handled by a central queue. That central queue is looked at every 60 minutes to see where emails are bound to. If the domain they are bound to is "new" - the domain is blocked.
3) spamtrap body analysis: We have an extensive set of spamtraps. The emails to these accounts are analysed and URLs are extracted. For any domain found in these emails, we check for "new" and if so, its blocked.
4) spam complaint body analysis: Similar to spamcop/yahoo/AOL, we have a feature that allows our users to complain about individual emails "This is spam". All these complaints are analysed and URLs extracted from bodies. If any of these are "new", they are automatically blocked.
We currently do not have a whitelist as we have never needed it. Several things prevent the need for a whitelist: a) humans that are allowed to do the blocks know what they are doing :-) b) machines that are doing the blocks will only block based on "new" c) machines cannot block any domain that was previously blocked and then unblocked by human.
We do not currently remove/expire domains automatically although its under consideration.
Removal procedure is by contacting postmaster at outblaze.com __
We are working with Outblaze to not include some of the domains that are less appropriate for SURBLs, but so far the data looks like it could be quite useful. Please give it a try and let us know what you find.
Thanks,
Jeff C.