[SURBL-Discuss] Re[2]: Bug in Spamcop's surbl add-on module

David Hooton djh-lists at platformhosting.com
Fri May 7 15:18:17 CEST 2004

> -----Original Message-----
> From: discuss-bounces at lists.surbl.org [mailto:discuss-
> bounces at lists.surbl.org] On Behalf Of Robert Menschel
> Sent: Friday, 7 May 2004 1:18 PM
> To: Jeff Chan
> Cc: SURBL Discuss; spamassassin-users at incubator.apache.org
> Subject: [SURBL-Discuss] Re[2]: Bug in Spamcop's surbl add-on module
> Hello Jeff,
> Thursday, May 6, 2004, 3:52:55 AM, you wrote:
> JC> OK I've added a "new"-style regex to remove any subdomains on
> JC> generic TLD domains:
> JC>     http://www.icann.org/tlds/
> JC>
> JC>
> s/^([^\.]*\.)+([^\.]*)\.(com|net|org|edu|mil|biz|info|int|arpa|name|museum
> |coop|aero|pro)$/\2.\3/
>                                                                    ^^^^
> The name.tld started life as a 3-level TLD.  Many people have individual
> abc.def.name domains (eg: my own robert.menschel.name).
> If you strip that third level, that means that if someone registers
> spammer.menschel.name (which I have no control over), since I cannot
> register menschel.name), and spammer.menschel.name then gets added to
> your lists, my robert.menschel.name will be collateral damage.

We've also found professional email marketing companies which are used by
both large whitehat companies & some other companies which are far less
reputable.  These companies regularly use the client.domain.com format for
image & href urls, rather than blocking the whole domain we block/whitelist
the subdomain.

Is there a problem in leaving this kind of flexibility in the plugin and
also the surbl.org SURBL's?



 Pain free spam & virus protection by:          www.mailsecurity.net.au
 Forward undetected SPAM to:                   spam at mailsecurity.net.au

More information about the Discuss mailing list