Did you remember to copy the .cf file to your spamassassin rules folder? (I only mention this b/c I tend to forget to do the most obvious of steps).
If you run spamassassin -D -t on a test message, do you see it attempting to perform the queries?
-Charles
Paul Barbeau Paul@hypernet.ca 04/13/2004 9:00:36 PM >>>
I guess i spoke to soon.. The "make test" works and it looks like the "make install" works however when i send an email through with "http://test.diliberatelybroken.surbl.org/" in it nothing gets tagged. Is that the correct URL to use to confirm it is working?
Any ideas?
Paul
_______________________________________________ Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss
ITReading ITReading writes:
Did you remember to copy the .cf file to your spamassassin rules folder? (I only mention this b/c I tend to forget to do the most obvious of steps).
If you run spamassassin -D -t on a test message, do you see it attempting to perform the queries?
-Charles
Paul Barbeau Paul@hypernet.ca 04/13/2004 9:00:36 PM >>>
I guess i spoke to soon.. The "make test" works and it looks like the "make install" works however when i send an email through with "http://test.diliberatelybroken.surbl.org/" in it nothing gets tagged. Is that the correct URL to use to confirm it is working?
Any ideas?
Paul
Hey Paul,
Try putting http://example.com in your test message. It works for me.
Tran
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss
-- Lân N. Tran Email: lan@hangwithme.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
L. Tran writes:
ITReading ITReading writes:
Did you remember to copy the .cf file to your spamassassin rules folder? (I only mention this b/c I tend to forget to do the most obvious of steps).
If you run spamassassin -D -t on a test message, do you see it attempting to perform the queries?
-Charles
Paul Barbeau Paul@hypernet.ca 04/13/2004 9:00:36 PM >>>
I guess i spoke to soon.. The "make test" works and it looks like the "make install" works however when i send an email through with "http://test.diliberatelybroken.surbl.org/" in it nothing gets tagged. Is that the correct URL to use to confirm it is working?
Any ideas?
Paul
Hey Paul,
Try putting http://example.com in your test message. It works for me.
Ah -- I've just realised, that will be a pretty big problem ;)
Jeff, can we change that to another domain? example.com is widely used for the purpose it's intended for, an "example domain" to use in example URLs, example email addrs, example whatever. Adding it to SURBL as the test domain means that it now gets another, unpleasant meaning -- a good way to get your mail into the spam folder. I don't think that'll be a good side-effect. :(
Something more like the GTUBE ( http://SpamAssassin.org/gtube/ ) -- ie a domain that doesn't already exist and is not going to crop up for other reasons. Something like http://surbl-org-permanent-test-point.com/ ?
- --j.
On Wednesday, April 14, 2004, 1:27:01 PM, Justin Mason wrote:
L. Tran writes:
Try putting http://example-butnotthispart.com in your test message. It works for me.
Ah -- I've just realised, that will be a pretty big problem ;)
Jeff, can we change that to another domain? example.com is widely used for the purpose it's intended for, an "example domain" to use in example URLs, example email addrs, example whatever. Adding it to SURBL as the test domain means that it now gets another, unpleasant meaning -- a good way to get your mail into the spam folder. I don't think that'll be a good side-effect. :(
Something more like the GTUBE ( http://SpamAssassin.org/gtube/ ) -- ie a domain that doesn't already exist and is not going to crop up for other reasons. Something like http://surbl-org-permanent-test-point.com/ ?
Hi Justin, Good point. We added example.com by request, and we've just had another request for example.tld. Both are in the rfc-ignorant.org RBLs:
Name: example.com.abuse.rfc-ignorant.org Address: 127.0.0.4
Name: example.tld.abuse.rfc-ignorant.org Address: 127.0.0.4
HOWEVER, *other RBLs* are not used to block on message bodies and example.com is unlikely to be used as a sender domain. But it could appear in a message body URI as someone's example.
It's part of the reason we wanted to be conservative and use only non-existent domains or ones we control as test points:
Name: test.sc.surbl.org.sc.surbl.org Address: 127.0.0.2
Name: test.surbl.org.sc.surbl.org Address: 127.0.0.2
Our currently having 127.0.0.2 in the lists is probably safe since unlike 127.0.0.1, .2 should probably never occur in emails unless someone had an unusual loopback address URI to share.
Name: 2.0.0.127.sc.surbl.org Address: 127.0.0.2
Does anyone have any comments about whether we should remove example.com from the test set? Justin makes a valid point that it could block messages with example URIs. I'm leaning towards taking it out.
If we do, anyone using example.com in their test URIs should change to test.surbl.org or test.(zone).surbl.org.
Comments please,
Jeff C.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Jeff Chan writes:
Does anyone have any comments about whether we should remove example.com from the test set? Justin makes a valid point that it could block messages with example URIs. I'm leaning towards taking it out.
If we do, anyone using example.com in their test URIs should change to test.surbl.org or test.(zone).surbl.org.
I'd suggest something longer and less likely to FP. I could imagine an (internal) HTTP server being called "test", and web developer A mailing web developer B asking them to try it out. ;)
- --j.
On Wednesday, April 14, 2004, 3:21:19 PM, Justin Mason wrote:
Jeff Chan writes:
Does anyone have any comments about whether we should remove example.com from the test set? Justin makes a valid point that it could block messages with example URIs. I'm leaning towards taking it out.
If we do, anyone using example.com in their test URIs should change to test.surbl.org or test.(zone).surbl.org.
I'd suggest something longer and less likely to FP.
We deliberately chose shorter names to to get closer to the number of levels in actual spam domains. That may have been a slight misstep....
I could imagine an (internal) HTTP server being called "test", and web developer A mailing web developer B asking them to try it out. ;)
But at least we control the surbl.org domain and could try to remember not to use "test" as a host name or real subdomain. The same cannot be said of how anyone else chooses to use example.com or any other potentially real domain.
Any more comments on removing example.com from the test points?
This would affect the test suites of Eric and others.
Jeff C.
On Wednesday, April 14, 2004, 2:30:40 PM, Jeff Chan wrote:
On Wednesday, April 14, 2004, 1:27:01 PM, Justin Mason wrote:
L. Tran writes:
Try putting http://example-butnotthispart.com in your test message. It works for me.
Ah -- I've just realised, that will be a pretty big problem ;)
Jeff, can we change that to another domain? example.com is widely used for the purpose it's intended for, an "example domain" to use in example URLs, example email addrs, example whatever. Adding it to SURBL as the test domain means that it now gets another, unpleasant meaning -- a good way to get your mail into the spam folder. I don't think that'll be a good side-effect. :(
Something more like the GTUBE ( http://SpamAssassin.org/gtube/ ) -- ie a domain that doesn't already exist and is not going to crop up for other reasons. Something like http://surbl-org-permanent-test-point.com/ ?
Hi Justin, Good point. We added example.com by request, and we've just had another request for example.tld. [...]
HOWEVER, *other RBLs* are not used to block on message bodies and example.com is unlikely to be used as a sender domain. But it could appear in a message body URI as someone's example.
Does anyone have any other comments on the issue of removing example.com or changing it to something really obscure like the http://surbl-org-permanent-test-point.com/ which Justin suggested above. If I don't hear any other feedback I'll go ahead and make that change Monday and announce it.
This change will require people to update any test suites that are expecting example.com to be in the SURBL lists.
Jeff C.
On Sunday, April 18, 2004, 3:23:20 PM, Jeff Chan wrote:
On Wednesday, April 14, 2004, 2:30:40 PM, Jeff Chan wrote:
On Wednesday, April 14, 2004, 1:27:01 PM, Justin Mason wrote:
Ah -- I've just realised, that will be a pretty big problem ;)
Jeff, can we change that to another domain? example.com is widely used for the purpose it's intended for, an "example domain" to use in example URLs, example email addrs, example whatever. Adding it to SURBL as the test domain means that it now gets another, unpleasant meaning -- a good way to get your mail into the spam folder. I don't think that'll be a good side-effect. :(
Something more like the GTUBE ( http://SpamAssassin.org/gtube/ ) -- ie a domain that doesn't already exist and is not going to crop up for other reasons. Something like http://surbl-org-permanent-test-point.com/ ?
Hi Justin, Good point. We added example.com by request, and we've just had another request for example.tld. [...]
HOWEVER, *other RBLs* are not used to block on message bodies and example.com is unlikely to be used as a sender domain. But it could appear in a message body URI as someone's example.
Does anyone have any other comments on the issue of removing example.com or changing it to something really obscure like the http://surbl-org-permanent-test-point.com/ which Justin suggested above. If I don't hear any other feedback I'll go ahead and make that change Monday and announce it.
This change will require people to update any test suites that are expecting example.com to be in the SURBL lists.
Are there any more comments on removing example.com from the SURBL testpoints?
Otherwise I will probably change "example.com" to "surbl-org-permanent-test-point.com", and document and announce the change.
Please let me know if you have any objections or other comments.
Jeff C.
Otherwise I will probably change "example.com" to "surbl-org-permanent-test-point.com", and document and announce the change.
Perhaps just 'test.test.sa.surbl.org' ?
Nothing wrong with that, and I'm pretty sure that 'test' will never be a GTLD.
On Monday, April 19, 2004, 5:04:43 PM, Kelsey Cummings wrote:
Otherwise I will probably change "example.com" to "surbl-org-permanent-test-point.com", and document and announce the change.
Perhaps just 'test.test.sa.surbl.org' ?
Nothing wrong with that, and I'm pretty sure that 'test' will never be a GTLD.
That could probably work too. :-) LOL Now I don't know which obscurity is better! ;-) Comments anyone?
Jeff C.
P.S. Kelsey, please secondary surbl.org if possible.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Jeff Chan writes:
On Monday, April 19, 2004, 5:04:43 PM, Kelsey Cummings wrote:
Otherwise I will probably change "example.com" to "surbl-org-permanent-test-point.com", and document and announce the change.
Perhaps just 'test.test.sa.surbl.org' ?
Nothing wrong with that, and I'm pretty sure that 'test' will never be a GTLD.
That could probably work too. :-) LOL Now I don't know which obscurity is better! ;-) Comments anyone?
hmm...
I would suggest using a known TLD. I could imagine SpamAssassin or another product, if they don't already, including optimisations to avoid querying on things that *look* like URLs but can't possibly be; and putting in a special case for SURBL would be a bit silly if we can avoid it.
- --j.
On Monday, April 19, 2004, 8:28:08 PM, Justin Mason wrote:
Jeff Chan writes:
On Monday, April 19, 2004, 5:04:43 PM, Kelsey Cummings wrote:
Otherwise I will probably change "example.com" to "surbl-org-permanent-test-point.com", and document and announce the change.
Perhaps just 'test.test.sa.surbl.org' ?
Nothing wrong with that, and I'm pretty sure that 'test' will never be a GTLD.
I would suggest using a known TLD. I could imagine SpamAssassin or another product, if they don't already, including optimisations to avoid querying on things that *look* like URLs but can't possibly be; and putting in a special case for SURBL would be a bit silly if we can avoid it.
That was my inclination too. A real TLD with a fake domain should be the most "standard"... for an obscured domain. :-)
Jeff C.
On Mon, Apr 19, 2004 at 08:37:23PM -0700, Jeff Chan wrote:
On Monday, April 19, 2004, 8:28:08 PM, Justin Mason wrote:
Jeff Chan writes:
On Monday, April 19, 2004, 5:04:43 PM, Kelsey Cummings wrote:
Otherwise I will probably change "example.com" to "surbl-org-permanent-test-point.com", and document and announce the change.
Perhaps just 'test.test.sa.surbl.org' ?
Nothing wrong with that, and I'm pretty sure that 'test' will never be a GTLD.
I would suggest using a known TLD. I could imagine SpamAssassin or another product, if they don't already, including optimisations to avoid querying on things that *look* like URLs but can't possibly be; and putting in a special case for SURBL would be a bit silly if we can avoid it.
That was my inclination too. A real TLD with a fake domain should be the most "standard"... for an obscured domain. :-)
Then, my suggestion would be something inside the surbl domain. Otherwise there is a risk (albeit remote) that someone could register the domain and have a problem.
On Tuesday, April 20, 2004, 12:24:03 AM, Kelsey Cummings wrote:
Then, my suggestion would be something inside the surbl domain. Otherwise there is a risk (albeit remote) that someone could register the domain and have a problem.
Right we currently have test.surbl.org as testpoints. The problem is that programs using SURBLs are or will be looking only at the base domains, which is why we want one with only two levels.
I'm going to go with Justin's suggestion and go with an an improbable .com domain.
Jeff C.
At 11:54 20/04/2004, Jeff Chan wrote:
On Sunday, April 18, 2004, 3:23:20 PM, Jeff Chan wrote:
On Wednesday, April 14, 2004, 2:30:40 PM, Jeff Chan wrote:
On Wednesday, April 14, 2004, 1:27:01 PM, Justin Mason wrote:
Ah -- I've just realised, that will be a pretty big problem ;)
Jeff, can we change that to another domain? example.com is widely
used for
the purpose it's intended for, an "example domain" to use in example
URLs,
example email addrs, example whatever. Adding it to SURBL as the test domain means that it now gets another, unpleasant meaning -- a good way to get your mail into the spam folder. I don't think that'll be a good side-effect. :(
Something more like the GTUBE ( http://SpamAssassin.org/gtube/ ) -- ie a domain that doesn't already exist and is not going to crop up for other reasons. Something like http://surbl-org-permanent-test-point.com/ ?
Hi Justin, Good point. We added example.com by request, and we've just had another request for example.tld. [...]
HOWEVER, *other RBLs* are not used to block on message bodies and example.com is unlikely to be used as a sender domain. But it could appear in a message body URI as someone's example.
Does anyone have any other comments on the issue of removing example.com or changing it to something really obscure like the http://surbl-org-permanent-test-point.com/ which Justin suggested above. If I don't hear any other feedback I'll go ahead and make that change Monday and announce it.
This change will require people to update any test suites that are expecting example.com to be in the SURBL lists.
Are there any more comments on removing example.com from the SURBL testpoints?
Otherwise I will probably change "example.com" to "surbl-org-permanent-test-point.com", and document and announce the change.
Please let me know if you have any objections or other comments.
Sounds fine to me....(since no one else is commenting :)
The whole idea of surbl relies on the fact that there is no legitimate way that a spam url would be found in a genuine message. This isn't too hard considering how obscure and obfuscated most spammer domain names are...they're not the kind of thing that you'd write by accident in casual conversation :)
However something obvious like example.com is something that can (and is) written in non-spam messages sometimes...so definately needs to go...
Regards, Simon
-
ITReading ITReading -
Jeff Chan -
jm@jmason.org -
Kelsey Cummings -
L. Tran -
Simon Byrnand