I made a list of some of uptilt.com (emaillabs.com) customers':
http://www.emaillabs.com/clientlist.html
likely domains:
http://spamcheck.freeapp.net/whitelists/uptilt
and checked those domains against all existing SURBLs. The only matches were:
uptilt.com
on ws.surbl.org, due to Chris' earlier manual listing, and:
digitalimpact.com uptilt.com wordbiz.com
on ds.surbl.org (6dos) which is a pretty low hit rate for nearly a hundred domains against a fairly aggressive list *if uptilt.com were a spamhaus*. It's not totally conclusive, but the relative lack of inclusion across multiple SURBL data sources leads me to think that uptilt.com is probably not a spamhaus. Therefore I've used that list of uptilt.com domains and customer domains as a whitelist. That means they will not be included in SURBLs.
Jeff C.
On Thu, 1 Jul 2004 02:33:33 -0700, Jeff Chan jeffc@surbl.org wrote:
I made a list of some of uptilt.com (emaillabs.com) customers':
http://www.emaillabs.com/clientlist.html
likely domains:
http://spamcheck.freeapp.net/whitelists/uptilt
and checked those domains against all existing SURBLs. The only matches were:
uptilt.com
on ws.surbl.org, due to Chris' earlier manual listing, and:
digitalimpact.com uptilt.com wordbiz.com
on ds.surbl.org (6dos) which is a pretty low hit rate for nearly a hundred domains against a fairly aggressive list *if uptilt.com were a spamhaus*. It's not totally conclusive, but the relative lack of inclusion across multiple SURBL data sources leads me to think that uptilt.com is probably not a spamhaus. Therefore I've used that list of uptilt.com domains and customer domains as a whitelist. That means they will not be included in SURBLs.
Jeff,
Thanks for your super diligence, we all appreciate it, so do our clients :)
On Thursday, July 1, 2004, 4:40:54 AM, David Hooton wrote:
On Thu, 1 Jul 2004 02:33:33 -0700, Jeff Chan jeffc@surbl.org wrote:
the relative lack of inclusion across multiple SURBL data sources leads me to think that uptilt.com is probably not a spamhaus. Therefore I've used that list of uptilt.com domains and customer domains as a whitelist. That means they will not be included in SURBLs.
Thanks for your super diligence, we all appreciate it, so do our clients :)
Thanks for your kind words David. As you can see I like to avoid false positives. :-)
I'm strongly tempted to make a public form for submitting whitelist entries, fully logged, rate-limited and reviewed, of course. It could help with the FPs and add more public visibility to the whitelisting process.
Jeff C.
On Thu, 1 Jul 2004 04:50:37 -0700, Jeff Chan jeffc@surbl.org wrote:
On Thursday, July 1, 2004, 4:40:54 AM, David Hooton wrote:
On Thu, 1 Jul 2004 02:33:33 -0700, Jeff Chan jeffc@surbl.org wrote:
the relative lack of inclusion across multiple SURBL data sources leads me to think that uptilt.com is probably not a spamhaus. Therefore I've used that list of uptilt.com domains and customer domains as a whitelist. That means they will not be included in SURBLs.
Thanks for your super diligence, we all appreciate it, so do our clients :)
Thanks for your kind words David. As you can see I like to avoid false positives. :-)
I'm strongly tempted to make a public form for submitting whitelist entries, fully logged, rate-limited and reviewed, of course. It could help with the FPs and add more public visibility to the whitelisting process.
Hmm - given experiences of several associates I would probably make that a hand reviewed process, possibly requiring a text justification to accompany the removal request. I have heard of trojaned PC's being used to abuse these kinds of services from multiple locations in order to avoid the rate limiting thing.
Seeing as SURBL is beginning to make a rather impressive impact on spam for so many users, I would suggest avoiding any easily/possibly abuseable options.
I'm strongly tempted to make a public form for submitting whitelist entries, fully logged, rate-limited and reviewed, of course. It could help with the FPs and add more public visibility to the whitelisting process.
Hmm - given experiences of several associates I would probably make that a hand reviewed process, possibly requiring a text justification to accompany the removal request. I have heard of trojaned PC's being used to abuse these kinds of services from multiple locations in order to avoid the rate limiting thing.
Seeing as SURBL is beginning to make a rather impressive impact on spam for so many users, I would suggest avoiding any easily/possibly abuseable options.
Yep, I would add one of those munged graphics as well that the user must type in the code to make sure only "real people" are submitting whitelist requests. :)
Rob M.
Rob Mangiafico wrote:
Yep, I would add one of those munged graphics as well that the user must type in the code to make sure only "real people" are submitting whitelist requests. :)
Rob M.
<troll> So if you're blind you're not a "real person?" </troll>
Rob Mangiafico wrote:
I would add one of those munged graphics as well that the user must type in the code to make sure only "real people" are submitting whitelist requests. :)
So far I've solved several hundreds of the UOL and spamarrest puzzles (before submitting them to SpamCop), and they are still askig me if I'm a real human. Unlike mailblocker (sp?) they never ask me what I think about forged addresses... :-(
BTW, it would be a very bad idea to whitelist UOL / spamarrest.
Bye, Frank
On Thursday, July 1, 2004, 5:33:19 AM, David Hooton wrote:
On Thu, 1 Jul 2004 04:50:37 -0700, Jeff Chan jeffc@surbl.org wrote:
I'm strongly tempted to make a public form for submitting whitelist entries, fully logged, rate-limited and reviewed, of course. It could help with the FPs and add more public visibility to the whitelisting process.
Hmm - given experiences of several associates I would probably make that a hand reviewed process, possibly requiring a text justification to accompany the removal request. I have heard of trojaned PC's being used to abuse these kinds of services from multiple locations in order to avoid the rate limiting thing.
Seeing as SURBL is beginning to make a rather impressive impact on spam for so many users, I would suggest avoiding any easily/possibly abuseable options.
Good to know. It's just a thought at this point. How about rate limiting to one submission per day? 1/2 :-)
(Since we don't expect many FPs, we would not expect many submissions, and a high rate of submissions could be a sign of abuse, where high is actually like more than one a day.)
Jeff C.
-
David Hooton -
Frank Ellermann -
Jeff Chan -
Richard Siddall -
Rob Mangiafico