[SURBL-Discuss] Re[2]: Bug in Spamcop's surbl add-on module

Jeff Chan jeffc at surbl.org
Thu May 6 22:36:31 CEST 2004

On Thursday, May 6, 2004, 9:18:17 PM, David Hooton wrote:
>> -----Original Message-----
>> From: discuss-bounces at lists.surbl.org [mailto:discuss-
>> bounces at lists.surbl.org] On Behalf Of Robert Menschel

>> The name.tld started life as a 3-level TLD.  Many people have individual
>> abc.def.name domains (eg: my own robert.menschel.name).
>> If you strip that third level, that means that if someone registers
>> spammer.menschel.name (which I have no control over), since I cannot
>> register menschel.name), and spammer.menschel.name then gets added to
>> your lists, my robert.menschel.name will be collateral damage.

> We've also found professional email marketing companies which are used by
> both large whitehat companies & some other companies which are far less
> reputable.  These companies regularly use the client.domain.com format for
> image & href urls, rather than blocking the whole domain we block/whitelist
> the subdomain.

> Is there a problem in leaving this kind of flexibility in the plugin and
> also the surbl.org SURBL's?

In principle the system can be made to handle subdomains or any
arbitrary levels of domains, but in practice we have not found it
useful or necessary very often.  Typically a domain is either
spammy or it isn't.  Reputable domains don't allow spammer
subdomains; for example spammer.yahoo.com or spammer.msn.com
don't exist or wouldn't for very long.

Most of the hard core spammers seem to use a disposable second
level .com domain for a few days then abandon it in favor of
a new one.

The quick and perhaps somewhat wrong solution is to whitelist
client.domain.com if domain.com is partially legitimate.
In practice we don't see that happening too often, though I'm
interested in hearing examples.

Jeff C.

More information about the Discuss mailing list