[SURBL-Discuss] general questions.....
jeffc at surbl.org
Fri Nov 19 11:38:20 CET 2004
On Thursday, November 18, 2004, 12:13:26 PM, Chris Santerre wrote:
> About 15% of the spams I get are not in SURBL, but are by the time I try to
> add :)
Ask Terry Sullivan sometime what the theoretical maximum
detection rate of a collective spam classification system might
be. He had some research showing it maxes out at around 85%.
So we're probably already pretty close to the theoretical
limits of this type of system.
> I have not done any study of domains that continue to try to spam despite
> being in SURBL. Any numbers on these? Possibly the most/longest hit domain
> in SURBL lookups??
> SHould we post the top 25 lookups to SURBL?
You mean like:
This sample of blocklist hits of SURBL list DNS queries ranked by
number of hits?
Or the overall DNS queries:
including blocklist, whitelist, and unmatched hits, etc.
> This way people can look at
> maybe denying these by IP at firewall?
If you're talking about sender IPs, zombies would defeat that.
Or do you mean having the firewall parse the email messages and
do a name resolution on the URI domains?
"If it appears in hams, then don't list it."
More information about the Discuss