So what do we do with candidates for whitelists? Also, what do we do with things that should NOT be whitelisted, but NOT reported as spam? Examples are cacheing services. Which are often used by spammers for images, but legit as well.
I think images.exactis.com is one. And of course we have all the akamai.net servers.
I'm just kind of thinking out loud. *man I'm hungry right now*
:-)
Chris Santerre System Admin and SARE Ninja http://www.rulesemporium.com 'It is not the strongest of the species that survives, not the most intelligent, but the one most responsive to change.' Charles Darwin
Chris Santerre wrote:
So what do we do with candidates for whitelists? Also, what do we do with things that should NOT be whitelisted, but NOT reported as spam? Examples are cacheing services. Which are often used by spammers for images, but legit as well.
I think images.exactis.com is one. And of course we have all the akamai.net servers.
I'm just kind of thinking out loud. *man I'm hungry right now*
:-)
Buys Chris a big sandwich.
8*)
And also on this discussion. I do believe Jeff is keeping a white list of domains not to be included in any of the blacklists.
-Doc (D-Ninja)
On Thursday, May 13, 2004, 8:44:20 AM, Doc Schneider wrote:
Chris Santerre wrote:
So what do we do with candidates for whitelists? Also, what do we do with things that should NOT be whitelisted, but NOT reported as spam? Examples are cacheing services. Which are often used by spammers for images, but legit as well.
I think images.exactis.com is one. And of course we have all the akamai.net servers.
And also on this discussion. I do believe Jeff is keeping a white list of domains not to be included in any of the blacklists.
Yes, all legitimate domains and redirection services, content peering networks, etc. should be whitelisted, at least for use in SURBLs (i.e. other people may have differing uses).
We want to make sure any mostly legitimate domains stay off the blacklists. Preventing FPs should be a top priority along with handling spam domains.
Jeff C.
Good day, Chris, all,
On Thu, 13 May 2004, Chris Santerre wrote:
So what do we do with candidates for whitelists? Also, what do we do with
My suggestion is that each of us maintains a file of whitelist domains (I'm defining those as "domains that should never be blacklisted", such as generic ISPs, free web site providers, etc; see my document from a week or so back). Those whitelists will all be checked as part of Paul's new project.
things that should NOT be whitelisted, but NOT reported as spam? Examples are cacheing services. Which are often used by spammers for images, but legit as well.
Caching services (akamai) and redirectors (msn, yahoo) go in the same category for me; they get whitelisted because they can be used by spam and legitimate mail. I juts removed the last vestiges of yahoo's redirectors from the sa-blacklist this morning; I figure that the surbl parsing code needs to handle those; if those packages do their job right,
http://rd.yahoo.com/*http://bigspammer.com
should show up as a query for bigspammer.com to the surbl lists. I'm maintaining a file of redirector examples and have sent off previous versions of that file to Justin and Erik. http://www.stearns.org/sa-blacklist/redirector-examples.current.txt
I think images.exactis.com is one. And of course we have all the akamai.net servers.
I already have exactis.com and akamai.com/akamaitech.net on my whitelist. As I stated in the reviewer guidelines document, bigevel/sa-blacklist/*.surbl.org are _not_ responsible for catching _every_ spam. If a message has no URL's at all (nigeria/diploma), or has only urls that end up at geocities/angelfire/akamai/exactis, we can't do anything about those. Some other piece of the spam recognition puzzle will get them. Cheers, - Bill
--------------------------------------------------------------------------- "... Had this been an actual emergency, we would have fled in terror, and you would not have been informed." -- Eric Steele v2steele@us.ibm.com -------------------------------------------------------------------------- William Stearns (wstearns@pobox.com). Mason, Buildkernel, freedups, p0f, rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org --------------------------------------------------------------------------
On Thursday, May 13, 2004, 9:06:01 AM, William Stearns wrote:
On Thu, 13 May 2004, Chris Santerre wrote:
So what do we do with candidates for whitelists? Also, what do we do with
My suggestion is that each of us maintains a file of whitelist
domains (I'm defining those as "domains that should never be blacklisted", such as generic ISPs, free web site providers, etc; see my document from a week or so back). Those whitelists will all be checked as part of Paul's new project.
I'd like to get ahold of any thoroughly checked whitelists to use to prevent white and grey domains from getting onto SURBLs, so let's share them if we can do it safely.
things that should NOT be whitelisted, but NOT reported as spam? Examples are cacheing services. Which are often used by spammers for images, but legit as well.
Caching services (akamai) and redirectors (msn, yahoo) go in the
same category for me; they get whitelisted because they can be used by spam and legitimate mail.
Agreed. I do the same.
I juts removed the last vestiges of yahoo's redirectors from the sa-blacklist this morning; I figure that the surbl parsing code needs to handle those; if those packages do their job right,
should show up as a query for bigspammer.com to the surbl lists. I'm maintaining a file of redirector examples and have sent off
previous versions of that file to Justin and Erik.
Exactly. The parsing code needs to find the real spammer domain. Where it can't or if it queries on the redirectors, we need to whitelist the redirection sites (actually their domains) to prevent the redirection sites from being used to tag a message as spam.
http://www.stearns.org/sa-blacklist/redirector-examples.current.txt
Looks good. I have those on my whitelist:
msn.com yahoo.com aol.com google.ca free.fr google.com ebay.com
I think images.exactis.com is one. And of course we have all the akamai.net servers.
I already have exactis.com and akamai.com/akamaitech.net on my
whitelist.
Had the akamais on my whitelist, but not exactis.com. Added.
Jeff C.
I'm already exchanging my whitelist with Jeff.
About some French providers to be whitelisted :
yahoo.fr google.fr wanadoo.fr free.fr club-internet.fr voila.fr 9telecom.fr tiscali.fr laposte.net tele2.fr noos.net noos.fr noos.net numericable.net nubericable.fr
Three others I added yesterday :
yeyey.com
123.com all.bg
Jose-Marcio
Jeff Chan wrote:
On Thursday, May 13, 2004, 9:06:01 AM, William Stearns wrote:
On Thu, 13 May 2004, Chris Santerre wrote:
So what do we do with candidates for whitelists? Also, what do we do with
My suggestion is that each of us maintains a file of whitelist
domains (I'm defining those as "domains that should never be blacklisted", such as generic ISPs, free web site providers, etc; see my document from a week or so back). Those whitelists will all be checked as part of Paul's new project.
I'd like to get ahold of any thoroughly checked whitelists to use to prevent white and grey domains from getting onto SURBLs, so let's share them if we can do it safely.
things that should NOT be whitelisted, but NOT reported as spam? Examples are cacheing services. Which are often used by spammers for images, but legit as well.
Caching services (akamai) and redirectors (msn, yahoo) go in the
same category for me; they get whitelisted because they can be used by spam and legitimate mail.
Agreed. I do the same.
I juts removed the last vestiges of yahoo's redirectors from the sa-blacklist this morning; I figure that the surbl parsing code needs to handle those; if those packages do their job right,
should show up as a query for bigspammer.com to the surbl lists. I'm maintaining a file of redirector examples and have sent off
previous versions of that file to Justin and Erik.
Exactly. The parsing code needs to find the real spammer domain. Where it can't or if it queries on the redirectors, we need to whitelist the redirection sites (actually their domains) to prevent the redirection sites from being used to tag a message as spam.
http://www.stearns.org/sa-blacklist/redirector-examples.current.txt
Looks good. I have those on my whitelist:
msn.com yahoo.com aol.com google.ca free.fr google.com ebay.com
I think images.exactis.com is one. And of course we have all the akamai.net servers.
I already have exactis.com and akamai.com/akamaitech.net on my
whitelist.
Had the akamais on my whitelist, but not exactis.com. Added.
Jeff C.
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss