[SURBL-Discuss] Capital One redirector

John_Delisle at ceridian.ca John_Delisle at ceridian.ca
Thu Apr 14 20:30:37 CEST 2005


I'm not so sure - I suspect they may do nothing, and RBL will go unused.

How will the maintainers of this new RBL deal with either of these 
scenarios?

A - Mail admins start using the redir-SURBL or whatever they're calling 
it, and everyone complains that mail from these sites isn't working, and 
the admins are pressured into disabling the feature.  This will decrease 
its the RBLs popularity, and there's no pressure on those listed to work 
to get off the list, since no one's using it.

B - Because big organizations are listed, no one adopts it because they 
know it will be a nightmare to deal with complaints.  There is no pressure 
to get off an un-used RBL, so no one changes the bad behaviour.

Maybe I'm missing something, but since these domains are included in SO 
MANY ham emails, there's no chance I'd think of enabling this in my 
environment.

Perhaps the redirect-SURBL (or whatever it's called..) could look at the 
full URL, not just the FQDN.  Really you don't want to block dell.com, you 
want to block dell.com/some-insecure-redir/foo.php etc.

I hope this didn't all sound negative but to make this effort worthwhile 
someone has to figure it out. 

John Delisle, CISA
Senior Network Analyst, Network and Security Team
Information Systems & Technology Management Dept.
Ceridian Canada Ltd
600 - 125 Garry St
Winnipeg, MB
R3C 3P2
204-975-5909




"Matthew Wilson" <matthew at boomer.com> 
Sent by: discuss-bounces at lists.surbl.org
04/14/2005 12:35 PM
Please respond to
SURBL Discussion list <discuss at lists.surbl.org>


To
"SURBL Discussion list" <discuss at lists.surbl.org>
cc

Subject
RE: [SURBL-Discuss] Capital One redirector






It'll be interesting when Microsoft, Google, Dell, and other huge sites
are listed in that gray list. 

> All open redirs are going to be listed on our gray uribl 
> list. We are still finishing up the infrastructure now. 
> Already have a bunch of mirrors. So as soon as its up, I'm 
> sure a lot of these guys will sit up and take notice at their 
> emails being blocked. 
> 
> Our list will consider ANY open redirector to be in the same 
> category as an open mail relay.
> 
> I've already started looking for more of these open redirs. 
> 
> --Chris
> _______________________________________________
> Discuss mailing list
> Discuss at lists.surbl.org
> http://lists.surbl.org/mailman/listinfo/discuss
> 
> 
> 


_______________________________________________
Discuss mailing list
Discuss at lists.surbl.org
http://lists.surbl.org/mailman/listinfo/discuss




More information about the Discuss mailing list