At 11:54 20/04/2004, Jeff Chan wrote:
On Sunday, April 18, 2004, 3:23:20 PM, Jeff Chan wrote:
On Wednesday, April 14, 2004, 2:30:40 PM, Jeff Chan wrote:
On Wednesday, April 14, 2004, 1:27:01 PM, Justin Mason wrote:
Ah -- I've just realised, that will be a pretty big problem ;)
Jeff, can we change that to another domain? example.com is widely
used for
the purpose it's intended for, an "example domain" to use in example
URLs,
example email addrs, example whatever. Adding it to SURBL as the test domain means that it now gets another, unpleasant meaning -- a good way to get your mail into the spam folder. I don't think that'll be a good side-effect. :(
Something more like the GTUBE ( http://SpamAssassin.org/gtube/ ) -- ie a domain that doesn't already exist and is not going to crop up for other reasons. Something like http://surbl-org-permanent-test-point.com/ ?
Hi Justin, Good point. We added example.com by request, and we've just had another request for example.tld. [...]
HOWEVER, *other RBLs* are not used to block on message bodies and example.com is unlikely to be used as a sender domain. But it could appear in a message body URI as someone's example.
Does anyone have any other comments on the issue of removing example.com or changing it to something really obscure like the http://surbl-org-permanent-test-point.com/ which Justin suggested above. If I don't hear any other feedback I'll go ahead and make that change Monday and announce it.
This change will require people to update any test suites that are expecting example.com to be in the SURBL lists.
Are there any more comments on removing example.com from the SURBL testpoints?
Otherwise I will probably change "example.com" to "surbl-org-permanent-test-point.com", and document and announce the change.
Please let me know if you have any objections or other comments.
Sounds fine to me....(since no one else is commenting :)
The whole idea of surbl relies on the fact that there is no legitimate way that a spam url would be found in a genuine message. This isn't too hard considering how obscure and obfuscated most spammer domain names are...they're not the kind of thing that you'd write by accident in casual conversation :)
However something obvious like example.com is something that can (and is) written in non-spam messages sometimes...so definately needs to go...
Regards, Simon