[SURBL-Discuss] BigEvil + MidEvil as SURBL

Chris Santerre csanterre at merchantsoverseas.com
Thu Apr 22 13:01:19 CEST 2004



> -----Original Message-----
> From: John Wilcock [mailto:john at tradoc.fr]
> Sent: Thursday, April 22, 2004 2:26 AM
> To: Jeff Chan; SURBL Discussion list
> Subject: Re: [SURBL-Discuss] BigEvil + MidEvil as SURBL
> 
> 
> On Wed, 21 Apr 2004 14:49:51 -0700, Jeff Chan wrote:
> > >> > 1) BigEvil wildcards. Not sure how you would handle these. 
> > >> Something like
> > >> > evil\d{2,4}spam\.com is a general wildcard. Some of those 
> > >> domains don't even
> > >> > exhist. Not sure how SURBL will handle that.
> > >> 
> > >> Yes, I should have mentioned that I'm simply discarding them.
> > >> Unfortunately there's no easy way to deal with them.  Domains
> > >> without any patterns in them, which are a majority, come right
> > >> through.  The script is at:
> > 
> > > Can we make sure that when you announce this to the 
> public that they know
> > > this! :) 
> > > I can see the flurry of emails now. 
> > 
> > Definitely will mention the differences in the announcement and
> > web site!
> 
> Perhaps the ideal would be if the script that converts bigevil to rbl
> form could also generate a separate "wildevil" cf file containing only
> the wildcard entries from bigevil, so that people can have the best of
> both worlds...
> 
> John.

Hold off on the wilcard idea for now. Let me figure out with the other guys
what we are doing. A few ideas in the mix. But I would let wildcards stay as
a regex file. It is crazy to try to lookup things like
/\dmeds\d{2,6}\.(?:com|net|biz)/  , that would take a looong time to do just
that one!

--Chris


More information about the Discuss mailing list