[SURBL-Discuss] RE: (1) Another Possible FP, and (2) header
parsing issues
Jeff Chan
jeffc at surbl.org
Thu Aug 12 13:15:27 CEST 2004
On Thursday, August 12, 2004, 9:17:29 AM, Rob McEwen wrote:
> Chris said:
>>I'm confused. (Theres a first!) SURBL only
>>check the body for URLs. How did the message-ID get hit?
> Its simply an issue where someone's implementation of SURBL provided the
> option of extracting domains out of either (1) the header, and/or (2) the
> client's IP address, and/or (3) the body of the e-mail. Any combination was
> possible/configurable. The "default" setting was to use all three.
> The following is the software package that I am using for SURBL filtering:
> http://www.2150.com/regexfilter/
> I chose this because it works well with my Merak IceWarp webmail software I
> have running on Windows 2000 server.
> The guy who wrote this is very smart. Because he uses the filter for himself
> and didn't have to worry about "clients", he was very aggressive with his
> default settings both for SURBL and for other linguistic aspects of his
> filter. Just about everyone using it has had to contend with having to
> "loosen" it in a number of ways to prevent false positives for their
> clients... but this was a small price to pay for a well designed and FREE
> software package.
FWIW I am in contact with the author and he's somewhat
redesigning his use of SURBLs. Hopefully the results will
be more in-line with how we expect them to be used, especially
in an ISP context.
Jeff C.
More information about the Discuss
mailing list