-----Original Message----- From: Jeff Chan [mailto:jeffc@surbl.org] Sent: Tuesday, November 23, 2004 6:24 PM To: 'SURBL Discussion list' Subject: Re: [SURBL-Discuss] general questions.....
*snip*
We have seen numerous times a legit company sending a newsletter to a spamtrap. Numerous reasons and excuses. But they never would
have known
about it if they were not listed. And I think if they send
to a spamtrap we
have a right to list. Regardless of how legit, it is a
wakeup call because
obviously something went wrong to send to a spamtrap.
IMO, It's not our job to "educate" legitimate companies about how to use email.
Who's job is it? That line scares me. You want to solve the spam problem? You can't do that with a narrow net. You must fight war on all fronts. You educate the legit users on what not to do. This has been all over the news recently. Everyone thinks everyone else is a spammer, but not them.
I'm also VERY surprised at your comment. More then a few time YOU have educated people who have contacted us for removal from SURBL.
We want to list as many true spammer domains as we can find and also prevent legitimate domains from being listed.
Again, legit? Once ANY company hits a spamtrap, IMHO, they are no longer legit. Not until they find out how they hit that trap. Possibly they purchased, as in gave money to a spammer, a list. With education, they will NOT do that again. Thus reducing income for spammers. Possibly they have an xploitable web subscription form? How the hell would they know unless someone tells them?
*snip*
The goal with a greylist should be to cast a wider net but to eventually filter those down to some truly black entries that can be listed more broadly on full blacklists.
My goal is to stop spam. Using any method. Education is probably THE biggest way to do this. Imagine if all the clueles users suddenly could spot 100% of spam emails, and NOT fall for them. Problem solved.
Its the whole teach a man to fish thing. And I'm not rehashing the argument about SURBL. I clearly state I DO NO list what I want to list. I list what makes Jeff happy :)
--Chris
Chris Santerre wrote:
Once ANY company hits a spamtrap, IMHO, they are no longer legit. Not until they find out how they hit that trap.
Now here's a definition of "legit" making sense. Of course you'd need some secret technical details about the spamtrap, when it's compromised (e.g. a worm forging its address) it's no more spamtrap.
Please post a pointer when UC is available. Bye, Frank
On Wednesday, November 24, 2004, 7:14:05 AM, Chris Santerre wrote:
From: Jeff Chan [mailto:jeffc@surbl.org]
We have seen numerous times a legit company sending a newsletter to a spamtrap. Numerous reasons and excuses. But they never would
have known
about it if they were not listed. And I think if they send
to a spamtrap we
have a right to list. Regardless of how legit, it is a
wakeup call because
obviously something went wrong to send to a spamtrap.
IMO, It's not our job to "educate" legitimate companies about how to use email.
Who's job is it? That line scares me. You want to solve the spam problem? You can't do that with a narrow net.
The main purpose of SURBLs is to catch the most-abusive, highest-volume, criminal spammers who are using zombies to send millions of pill, mortgage, warez, porn, gambling, etc. spams per minute or whatever. It's not to catch Marshall Fields, Capital One, Citibank, L.L. Bean, etc.
SURBLs are the narrow net to catch the otherwise uncatchable spammers who have found ways around conventional RBLs, linguistic analysis, Bayes, hashes, etc.
Project Honeypot may end up putting some of the harvesters and their customers in prison. That may include some crypto-legitimate spammers who do mostly legitimate mailings and dabble in illegal harvested spamming on the side. They and Ralsky or whoever buys harvested addresses can all be cellmates in Federal prison for all I care. Actually it may be more entertaining if their cellmates were Mongo and his friends.
You must fight war on all fronts. You educate the legit users on what not to do. This has been all over the news recently. Everyone thinks everyone else is a spammer, but not them.
SURBLs are not the tool to do that:
1. We don't want to catch every spam. 2. We want to catch every spam that has URIs that don't get mentioned in ordinary ham.
Say citibank started using harvested addreses (and liked prison food), or hired zombie users to deliver their mail. Should we then list Citibank? I don't think so since some people might still want to get their legitimate banking notices, etc. Say someone sends spams that mention microsoft.com and they hit some spamtraps. Should we list Microsoft? I kind of doubt it. The same principle applies to other legitimate organizations, including some we may not personally know.
Repeat after me: We don't want to catch every spam..... ;-)
I'm also VERY surprised at your comment. More then a few time YOU have educated people who have contacted us for removal from SURBL.
Yes, but most of them should not have been added in the first place.
We want to list as many true spammer domains as we can find and also prevent legitimate domains from being listed.
Again, legit? Once ANY company hits a spamtrap, IMHO, they are no longer legit.
A global, set-it-and-forget-it black list has a different goal: to list only pure spammer domains. We've been over this before.
I guess some spam fighters are so focussed on catching every possible spam that they sometimes forget what we're trying to do.
Not until they find out how they hit that trap. Possibly they purchased, as in gave money to a spammer, a list. With education, they will NOT do that again. Thus reducing income for spammers. Possibly they have an xploitable web subscription form? How the hell would they know unless someone tells them?
The goal with a greylist should be to cast a wider net but to eventually filter those down to some truly black entries that can be listed more broadly on full blacklists.
My goal is to stop spam. Using any method. Education is probably THE biggest way to do this. Imagine if all the clueles users suddenly could spot 100% of spam emails, and NOT fall for them. Problem solved.
Its the whole teach a man to fish thing. And I'm not rehashing the argument about SURBL. I clearly state I DO NO list what I want to list. I list what makes Jeff happy :)
Then educate them with UC, not SURBLs.
Jeff C. -- "If it appears in hams, then don't list it."
-
Chris Santerre -
Frank Ellermann -
Jeff Chan