[SURBL-Discuss] Re: Jeff's whitelists

Frank Ellermann nobody at xyzzy.claranet.de
Sat Jul 17 23:42:26 CEST 2004


Jeff Chan wrote:

> Maybe you could forward one to me off list and explain how
> you think they got your address.

It's the same idea as in any C/R system:  The spammer forges
an almost arbitrary MAIL FROM for his stuff.  The challenge
goes to the MAIL FROM, e.g.

<http://www.spamcop.net/sc?id=z554014790zc260cd9fdfc657ecb5cd7e70a6026bf1z&action=display>

Following this link you see the complete spamarrest challenge
incl. the link to their "webmaster affiliate program".  Their
business model is to sell "spam filtered" addresses, where the
filtering is done by the innocent bystanders (= forged address
in the spam).

> They may be one of those gray domains that we might not want
> blocking on.

Why should you want to support a commercial C/R system ?  It's
just UBE asking third parties (forged addresses) to filter the
spam for their customers.  If you find spamarrest.com in the SC
data then that's no "error", therefore it should be reflected
in sc.surbl.org 

>> vague criteria like "publicly listed, subject to laws".
> Actually it's pretty specific and not vague.

It's very vague, whose and which laws, resp. which lists ?  In
the case of sc.surbl.org the relevant rules are the SC rules.
Of course you could remove (= whitelist) obvious errors like
links to BBC reports in 419 spam.  When you see a JoeJob or 
other cases of innocent bystanders that would be specific.

> pfizer.com is whitelisted

Bad idea.  Big companies do spam from time to time, in the past
because they were ignorants, and today because shit happens.

> (Nor are we attempting to whitelist CAN-SPAM activity;
> generally we let the data speak for itself.)

ACK, that's what I want, with minimal manual interventions to
catch errors, JoeJobs, and innocent bystanders.  Bye, Frank




More information about the Discuss mailing list