[SURBL-Discuss] SURBL and listing abuse address

Nick Askew Nick at Askew.nl
Mon Dec 20 21:42:26 CET 2004


> > I'm relatively new to all this so please forgive me if this 
> has been 
> > suggested before or indeed if it is simply possible with other mail 
> > servers. It occurs to me that we could list the various abuse 
> > addresses of the ISP hosting the black listed site and this 
> could be 
> > returned when a match is found. If the server software then bounced 
> > the mail not to the sender but to the abuse address we 
> would seriously 
> > start to affect these ISP's.
> 
> Most of these domains either dont have abuse addresses, nor 
> care about any abuse email that rolls their way (the're just 
> dummy domains who only exist for a month to spam, then die).. 
> What you are suggesting is going to result in my server 
> queueing the message (rather than just returning a 5xx half 
> way through the SMTP conversation) and sending it to a 
> (probably bogus) abuse address, which will bounce..
> 
Yes I suppose if you simply perform a whois on the IP address of the
site you will end up with some spammer that does not care if you post to
abuse or postmster. However I would think that most spam domains are
purchased off other ISP's so after a while perhaps it would be possible
to change the listed address to that of the ISP's ISP and so on until
someone takes notice.

I'm sure that actually fetching the content of the site would work to
deter people from sending out their URL as spam but it would lead to a
new problem. Every machine in the world using SURBL (and let's face it
that should be everyone, it works so well) could be used for a DoS
attack just by sending an email (OK the domain would need to be in
SURBL).




More information about the Discuss mailing list