Daniel Quinlan, one of the principal SpamAssassin architects had some good suggestions for reducing false positives in the SURBL data. One was using public databases of URIs, particularly hand-built ones like dmoz.org and wikipedia.org or even yahoo.com as sources of mostly legitimate domains. (The wikipedia is not a web directory in a conventional sense; it's more like an open encyclopedia, but it has a relatively large collection of URIs.)
Presumably most of the URIs in these are legitimate and don't belong to spammers, especially in DMOZ since it's hand-built. So the question is: can these be useful as whitelist sources or perhaps as one of the checks on new SURBL additions.
Although directories such as DMOZ are manually edited there is a danger of spammers "grabbing" expired domains and abusing them. I've seen a lot of scripts for sale that track dmoz listed domains.....
M
Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location & domains http://www.blacknight.ie/ Tel. +353 59 9137101