[SURBL-Discuss] Re: Jeff's whitelists

Jeff Chan jeffc at surbl.org
Sat Jul 17 14:52:03 CEST 2004


On Saturday, July 17, 2004, 1:42:26 PM, Frank Ellermann wrote:
> Jeff Chan wrote:

>> Maybe you could forward one to me off list and explain how
>> you think they got your address.

> It's the same idea as in any C/R system:  The spammer forges
> an almost arbitrary MAIL FROM for his stuff.  The challenge
> goes to the MAIL FROM, e.g.

> <http://www.spamcop.net/sc?id=z554014790zc260cd9fdfc657ecb5cd7e70a6026bf1z&action=display>

> Following this link you see the complete spamarrest challenge
> incl. the link to their "webmaster affiliate program".  Their
> business model is to sell "spam filtered" addresses, where the
> filtering is done by the innocent bystanders (= forged address
> in the spam).

>> They may be one of those gray domains that we might not want
>> blocking on.

> Why should you want to support a commercial C/R system ?  It's
> just UBE asking third parties (forged addresses) to filter the
> spam for their customers.  If you find spamarrest.com in the SC
> data then that's no "error", therefore it should be reflected
> in sc.surbl.org 

It sounds like a spammer is abusing spamarrest.com's services.
Is that correct?  If so that should be reported back to
spamarrest as abuse.  Or is spamarrest *originating* these
messages purely themselves?  In other words is spamarrest
actively, directly sending these out themselves?  If the latter,
I agree spamarrest should be listed.  If the former, it's more
like a Joe Job against spamarrest, same as if I listed
Claranet.de in some spams.  That would not make claranet
a spammer, right?

Jeff C.



More information about the Discuss mailing list