[SURBL-Discuss] RE: Revised DMOZ data, got Wikipedia domains too

Bill Landry billl at pointshare.com
Fri Oct 8 21:05:36 CEST 2004


----- Original Message ----- 
From: "Chris Santerre" <csanterre at merchantsoverseas.com>

> >> I think this is just plain nuts to whitelist all of these! Why? If we
> >> don't try to whitelist the most popular sites, then what the heck it
> >> the point? We could whitelist millions of legit domains forever. The
> >> popular ones are the most important.
> >
> >The points:
> >
> >  - whitelisting legitimate domains limits the effectiveness of joe job
> >    attacks that result in FPs in various SURBL blacklists
> >  - whitelisting could be used as negative points for MAIL FROM if
> >    combined with SPF (and more domains is better)
>
> Yeah, but not everyone is using SPF yet. But if they were, sure!
> >
> >In addition:
> >
> >  - I would only whitelist those domains (a) subject to editorial
> >    removal (b) so long as their domain registration is old enough and
> >    (c) so long as they pass other criteria such as no SBL listing for
> >    NS->A.
>
> Yeah date seems to be key in more and more cases. Granted a spammer could
> buy one of these older ones, but hasn't happened often enough.
>
> >  - I would maintain the automated whitelist separately from the human
> >    edited whitelist and handle it differently.  For example, perhaps
> >    automated whitelist entries can only remove a single blacklist hit
> >    (like SpamCop), but to remove two independent blacklist hits, it
> >    requires a human decision.
> >
>
> Did you look at the example from the list I gave? It doesn't even have a
web
> page! Just says testing. I'm all for whitelisting, but popular/useful
> domains only.
>
> >> so:
> >> -1 for adding all those intersected to WL
> >> +1 for whitelisting the blacklist hits.
> >
> >I think there are other options available due to the miracle of
> >programming.  ;-)
>
> Well like they say around here, "You can't argue with success."
>
> But taking away spam points based on an autowhitelist still makes me
> nervous. But you might have a few tricks up your sleeve D.Q. that I don't
> know about yet ;)

If the whitelist is setup as a SURWL, for example, using it or not would be
an option to each individual mail administrator.  And the negative weight
applied to reduce the score would be totally dependant on the discretion of
the SURWL user.

Bill



More information about the Discuss mailing list