[SURBL-Discuss] general questions.....

Jeff Chan jeffc at surbl.org
Tue Nov 23 22:58:55 CET 2004

On Tuesday, November 23, 2004, 12:25:16 PM, Steven Champeon wrote:
> For me, I'm coming to the point of simply distinguishing between mail
> delivery attempts that occur in the context of abusive behavior (e.g.,
> as part of the same session that tries to deliver to a spamtrap) or has
> so many things wrong with either the remote host (no rDNS, mismatch rDNS
> and HELO, known forged HELO, HELO as blacklisted domain, etc.) or with
> the message itself (missing Message-ID, tracking device header,
> misleading MIME content-type - ie, multipart/mixed with only one part,
> which though legal (!) is a very strong indicator of spam, etc.)

Which is ok for a breadth first approach that you guys take.

But for SURBLs we need that narrowed down to 100% pure spammers
only.  That's probably an impossible task, but that should be
our goal.

> I see a future in which legit mail servers are simply expected to be
> configured within a reasonable bound, and act in reasonably nonabusive
> ways, or else their mail will be rejected. Here, anyway. Unfortunately,
> the spammers will likely simply beat us to it, so even these checks
> become less useful. 

Yeah, it just means the spammers will need to fake or steal
services better.  That's why sender checks are probably less
useful than content checks.

Jeff C.
"If it appears in hams, then don't list it."

More information about the Discuss mailing list