[SURBL-Discuss] Rookie Question

Kevin A. McGrail kmcgrail at pccc.com
Fri Dec 31 01:26:33 CET 2004


> I think it's already been evaluated and decided against for a
> number of reasons.  IIRC a major one was additional CPU time
> for diminishing returns.  There are a lot more .somethings
> to check than http:// and www.  Generally the behavior of MUAs
> is followed, where it makes sense to do so.  Also there's
> a lot more spam with functional URIs than plain domains.

Besides the CPU time which I can agree, I would argue that subset of email
with plain domains should be treated as it's own set.

Therefore, after SURBL is run against http:// and www, what is the hit ratio
against the emails with plain domains?  Perhaps running it as a second pass
only if http:// and www aren't found would be generally good if the false
positive rate isn't too high and just for .com/.net/.org/.info/.biz and any
other TLDs that are recommended and readily abused.

Regards,
KAM



More information about the Discuss mailing list