[SURBL-Discuss] whitelist senderbase top domains?
Bill Landry
billl at pointshare.com
Wed Sep 8 18:23:02 CEST 2004
----- Original Message -----
From: "Jeff Chan" <jeffc at surbl.org>
> > Just wondering if the whitelisting will help
> > us to be more accurate in tagging the spammer URI in the message, thus
> > cutting down the possibility of the spammer URI not being one of the
random
> > 25 selected for checking against the SURBLs.
>
> > I'm curious to know what effect the SURBL whitelisting has as it applies
to
> > both SA 2.6x with the SpamCopURI plug-in and SA 3.0 with the URIDNSBL
> > plug-in and the random URI check limit threshold.
[SNIP]
> If you'd like, you can have a similar effect right now by
> adding the top N domains from:
>
> http://www.surbl.org/dns-queries.whitelist.counts.txt
>
> to the SpamCopURI manual whitelist in the conf file. You'd want
> to include both basedomain.com and *.basedomain.com . In fact
> this should be a good improvement for everyone using SpamCopURI
> to add.
Hmmm, tried this overnight and it cut my SURBL hit rate down to almost
nothing. I'm not sure why, unless the whitelist data is not being read into
memory and thus the list has to be parsed with each individual e-mail
message before the SURBL queries can be done. If that's the case, then it
could be possible that the queries are taking to long to start and SA is
timing them out based on the network tests timer expiration setting.
Or, could it be that if the SpamCopURI plug-in finds a whitelisted domain,
that it skips any further SURBL tests for that message? That could also
account for the very low hit rates when using the whitelist entries.
Bill
More information about the Discuss
mailing list