[SURBL-Discuss] proxypots
Justin Mason
jm at jmason.org
Wed Jun 16 13:35:00 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jeff Chan writes:
> I was going to propose taking the top Nth percentile of reports,
> hopefully from a large base of pots, but a large poisoner could
> break into that too.
hmm. probably helpful, as long as they generate random URLs for
every mail.
> Another approach, which Outblaze apparently applies to their
> domains to block on is to only list domains that have been
> registered within the last 90 days. The principle is that the
> newness is a good partial predictor of spammyness and that
> could have some value.
yes, that would probably help...
> All of the above may not be enough to obtain good results
> automatically, mainly due to the poisoning problem you
> mention.
>
> > Its 'just' a extra source, ... on mu pot i found a couple domains that
> > were indeed spammer domains but not listed yet. It involves some manual
> > action but i think its nice additions.
>
> Hand-checking could make it feasible.
definitely, that's the key. Even checking the URLs (dump the text
with "lynx -dump" for example) would probably help.
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFA0KDkQTcbUG5Y7woRAoXxAKCkkmKNnHXHkKNkhwhO42LHlAfU/QCgpv3K
EAdanarGX05b93AbFKnxkkw=
=+FcL
-----END PGP SIGNATURE-----
More information about the Discuss
mailing list