Currently, I do whitelist this list, but...
...and maybe I'm getting paranold here...
What happens if spammers start adding SURBL tolkins to their spam? (like "lists.surbl.org") Are there not situations here which could defeat our whitelisting and force us back to munging anyway?
BTW... SallyFoster.com is still listed at ws.surbl.org ...how soon can I expect it to be removed? (see earlier posts for background).
Rob McEwen
Hi!
Currently, I do whitelist this list, but... ...and maybe I'm getting paranold here...
What happens if spammers start adding SURBL tolkins to their spam? (like "lists.surbl.org") Are there not situations here which could defeat our whitelisting and force us back to munging anyway?
Can you explain what you mean? Dont get it i am afraid. All the surbl domains are whitelisted, but that was not your question i guess?
BTW... SallyFoster.com is still listed at ws.surbl.org ...how soon can I expect it to be removed? (see earlier posts for background).
Sometimes it takes time to find out the how and the what, be happy we are still responsive ;) Please also note, a whitelist request isnt a guarantee that it will indeed be whitelisted...
Bye, Raymond.
on Wed, Sep 01, 2004 at 12:04:41PM -0500, Rob wrote:
Currently, I do whitelist this list, but...
...and maybe I'm getting paranold here...
What happens if spammers start adding SURBL tolkins to their spam? (like "lists.surbl.org") Are there not situations here which could defeat our whitelisting and force us back to munging anyway?
Seems to me that all mail to this list goes through
mailbox.prolocation.net [81.23.230.7]
and contains
List-Id: SURBL Discussion list <discuss.lists.surbl.org>
So, what's the concern, exactly? Just whitelist by originating host and then filter based on the RFC 2919/2368 headers.
Hi Rob, At 10:04 01-09-2004, Rob wrote:
Currently, I do whitelist this list, but...
...and maybe I'm getting paranold here...
What happens if spammers start adding SURBL tolkins to their spam? (like "lists.surbl.org") Are there not situations here which could defeat our whitelisting and force us back to munging anyway?
No, unless the whitelisting is not implemented correctly. I suggested whitelisting the server from which this email comes from and not the return-path.
Regards, -sm
Good day, SM(?),
On Wed, 1 Sep 2004, SM wrote:
At 10:04 01-09-2004, Rob wrote:
Currently, I do whitelist this list, but...
...and maybe I'm getting paranold here...
What happens if spammers start adding SURBL tolkins to their spam? (like "lists.surbl.org") Are there not situations here which could defeat our whitelisting and force us back to munging anyway?
As a side note, I'm spending a _lot_ of time recently on "whitelist" domains; in this context, domains that should never end up on the blacklist. I actively hunt down domains and add them to the whitelist even before they show up in a spam, so that if one of the submitters mis-submits earthlink.net, yahoo.com, surbl.org, or apache.org (*gulp*), those can never make it onto the blacklist. I'd like to sincerely thank the nigerian spammers for a rich source of webmail whitelist domains. :-) Cheers, - Bill
--------------------------------------------------------------------------- "Heisenberg _may_ have slept here." (Courtesy of Rick Stevens rstevens@vitalstream.com) -------------------------------------------------------------------------- William Stearns (wstearns@pobox.com). Mason, Buildkernel, freedups, p0f, rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org --------------------------------------------------------------------------
Hi William, At 12:01 01-09-2004, William Stearns wrote:
As a side note, I'm spending a _lot_ of time recently on"whitelist" domains; in this context, domains that should never end up on the blacklist. I actively hunt down domains and add them to the whitelist even before they show up in a spam, so that if one of the submitters mis-submits earthlink.net, yahoo.com, surbl.org, or apache.org (*gulp*), those can never make it onto the blacklist.
This is a good way to avoid nasty surprises. Expect the phone to ring non-stop if yahoo.com was blacklisted.
There is a .apache.org host listed in a RBL. I'll leave it to the reader to find out the funny part of this. :)
Regards, -sm
-
Raymond Dijkxhoorn -
Rob -
SM -
Steven Champeon -
William Stearns