[SURBL-Discuss] Whitelist Please

Frank Ellermann nobody at xyzzy.claranet.de
Tue Sep 7 18:10:50 CEST 2004

Jeff Chan wrote:

> While I agree that these "spam to your friends with jokes,
> greetings, prayers, whatever" sites are stupid and highly
> abuse-prone, they do have some legitimate uses and should
> probably not be blocked globally.

IBTD.  You could split your whitelist into "Jeff found some
potentially legitimate use" and "really innocent bystanders".

The first white list should not be used to overrule SpamCop
reports in sc.surbl.org.  Thousands of SC users have an idea
why they report spam, and these ideas don't necessarily match
your personal definition of "potentially legitimate use".

Spam is about consent and not about "potentially legitimate
use" or similar vague constructs.

> euniverse is either a spamhaus or not.

It's not that simple.  We've already discussed this problem
with the pyramid scheme "spamarrest.com", a spammer styling
itself as "anti-spam".  IIRC they never made it as candidate
for sc.surbl.org, the technical definition of spam works as
expected.  It's unnecessary to add your personal definition
of "potentially legitimate use" to sc.surbl.org if there is
a way to catch obvious errors like BBC-links in 419 spam.

> it seems odd to me that one part of their operation would
> be somewhat responsible, and another part would be blatantly
> spamming.

Yes, that's odd.  But this shouldn't be your problem, it's
their weird business model.  Please use the SC input as is,
don't try to censor it.

> I place organizations that use their own mail servers in
> a different class than those who are using zombies

For the SC input there should be only two classes:  Obvious
errors or votes as defined on your "I have a dream" page.

| we judge spam messages based on what they say, not where
| they come from.

There are no "rogue nations".  The average admin in China is
like the average admin in Florida.  China is only bigger.

| More reports means more votes that a given site is indeed
| spam. The quality of data is reinforced by the conscientious
| efforts of good people in reporting the spam. In this sense
| it is democracy in action.

Nothing about "potentially legitimate use" on the SC data page.
IMHO that's a feature and no bug.  Simply tune the technical
definition of spam until it matches your ideas of "potentially
legitimate use".  Manual interventions should be _exceptions_
for the sc.surbl.org zone.  Less work for you, and prepared to
run in unattended mode.
                            Bye, Frank

More information about the Discuss mailing list