[SURBL-Discuss] Fwd: Re: SURBL Poisoning?

Jeff Chan jeffc at surbl.org
Mon Apr 12 14:25:47 CEST 2004


This is a forwarded message
From: Jeff Chan <jeffc at surbl.org>
To: spamassassin-users at incubator.apache.org
Date: Monday, April 12, 2004, 1:12:45 PM
Subject: SURBL Poisoning?

===8<==============Original message text===============
On Monday, April 12, 2004, 7:21:23 AM, Jeff Koch wrote:
> I have not tried SURBL yet but I'm concerned about what would happen if
> spammers started loading their emails up with links to legitimate websites 
> - like paypal - ebay - chase - expedia, etc. Are you doing a manual review?

I am doing a manual review, but need to find a way to share that
load.  Perhaps we can set up another discussion list and I can
gateway the new additions to the list to it.

Marc Perkel gave me access on his phpbb but I have not had time
to work with it.   A bulletin board with voting mechanism and a
way to feed new domains into threads under a "spam or ham" board
might be ideal. Anyone who could help implement that would be
gratefully thanked.

There is an internal whitelisting mechanism in sc.surbl.org that
prevents legitimate domains like ebay, etc. from ever getting
added to the list, and it seems quite effective.  Anyone who has
whitelists of common fp popular domains to share would be greatly
appreciated also. 

However the primary defense against FPs is in the care SpamCop
users take in *unchecking* legitimate looking URIs when
they submit their reports.  That also seems pretty effective
at preventing FPs, as the whitelist is small yet useful.

A log of the domains as they get added to the list can be found
at:

  http://www.surbl.org/top-sites-domains.new.log

If anyone spots any FPs, please forward them to me.

Note also that version 2 of the data engine should have
better spam detection and a similar low false positive rate,
all automatically.

Hope this helps,

Jeff C.

===8<===========End of original message text===========

-- 
Jeff Chan
mailto:jeffc at surbl.org-nospam
http://www.surbl.org/



More information about the Discuss mailing list