[SURBL-Discuss] Additional phish/fraud list

Jeff Chan jeffc at surbl.org
Sun Sep 19 10:29:14 CEST 2004


On Saturday, September 18, 2004, 10:35:35 PM, Jay Swackhamer wrote:
> On Saturday, September 18, 2004 9:06 PM, Jeff Chan wrote:
>> The two strategies can be compatible in a somewhat kludgey way if
>> we chose to not reduce the whole URI data, causing them to not
>> match the domains extracted by SURBL code from messages found in
>> the wild.

> Yeah, that could possibly be an argument in the eval function...
> something like "check_uridnsbl('URIBL',1)" where the 1 does a match
> against the whole URI, but otherwise defaults to the URI reduction.

That would allow the function to use both types of data.
Getting them mixed up could create problems though.

>> I'd still be interested to hear if you may be able to provide
>> a version of the fraud data without sender domains or sender IPs.

> In the case of the fraud list, I recall that all the data is from URIs,
> and doesn't contain any sender IP or reverse DNS info.

That sounds right, looking at the data.

Jeff C.



More information about the Discuss mailing list