[SURBL-Discuss] Re: Feature Request: Whitelist_DNSRBL

Bill Landry billl at pointshare.com
Wed Dec 8 17:39:59 CET 2004


----- Original Message ----- 
From: "David Hooton" <david.hooton at gmail.com>

> On Wed, 8 Dec 2004 08:03:35 -0800, Bill Landry <billl at pointshare.com>
wrote:
> > I agree, and have suggested a whitelist SURBL several times on the SURBL
> > discussion list, but it has always fallen on deaf ears - nary a
response.
> > It would be nice if someone would at least respond as to why this is not
a
> > reasonable suggestion.
>
> The floor in offering a DNS based whitelist is that it encourages
> people to place a negative score on it.  The problem with this is that
> spammers can poison messages with whitelisted domains, thereby
> bypassing the power of the SURBL

I agree, it should not be used as a HAM indicator, way too easy to abuse.  I
was suggesting that the whitelist be used as a way to exclude the domain
from being constantly queried against the SURBL name servers.

> The concept of "Whitelist" in the SURBL world is more of an "Exclusion
> List" as in "we exclude these domains from being listed" rather than
> we consider the presence of these domains in an email to be a good
> sign of ham.

Exactly.

> An excluded domain is therefore ignored in all data and not allocated
> a score positively or negatively, so trying to poison a message with
> whitelisted domains is therefore pointless.

Yep, agree wholeheartedly.

> I think we either need to look at a DNS version of
> uridnsbl_skip_domain with long TTL's or we should look at releasing a
> .cf file.  I personally think the more proper implementation may be
> the DNS based version in order to avoid BigEvil type situations.

Indeed, my thoughts exactly.

Bill



More information about the Discuss mailing list