[SURBL-Discuss] Whitelist Please

Jeff Chan jeffc at surbl.org
Wed Sep 8 01:21:01 CEST 2004


On Tuesday, September 7, 2004, 10:32:08 AM, Justin Mason wrote:
> Frank Ellermann writes:
>> Jeff Chan wrote:
>> > While I agree that these "spam to your friends with jokes,
>> > greetings, prayers, whatever" sites are stupid and highly
>> > abuse-prone, they do have some legitimate uses and should
>> > probably not be blocked globally.
>> 
>> IBTD.  You could split your whitelist into "Jeff found some
>> potentially legitimate use" and "really innocent bystanders".

> There's another issue to think about, when you're talking about SURBL
> listings. A domain listed in SURBL may not have anything to do with the
> *sender* of the message; it matches the domains mentioned inside a message
> *that may have been sent by someone else*.

> I think this means that the SURBL situation is uniquely different from
> most DNSBLs.   Generally a DNSBL matches against the *sender* of a
> message.  If a sender is listed, their messages and only their messages
> are blocked.   

> But in the SURBL case, a listing means that their messages, forwarded
> copies of their messages, cut-and-pastes from parts of their messages,
> etc. will also be listed.

> This inherently means that for a certain case of borderline domains,
> a listing will result in more FPs even if the original sender has
> spammy tendencies.

> - --j.

In other words content blocking is quite different from envelope
or sender blocking.  It's easy to get somewhat stuck thinking in
terms of a sender blocking paradigm.  Indeed that's not what
we're doing here. 

This is part of the reason content blocking in general is
contentious and controversial.  There is a lot of potential
for abuse, collateral damage, wide-reaching mistakes, etc.

In a gamer's analogy, we have the BFG9000 with quad damage
and friendly fire is on.

We need to be careful in applying this tool or we can
easily do more harm than good.

Jeff C.



More information about the Discuss mailing list