[SURBL-Discuss] Capital One redirector

Chris Santerre csanterre at MerchantsOverseas.com
Thu Apr 14 21:01:17 CEST 2005



>-----Original Message-----
>From: John_Delisle at ceridian.ca [mailto:John_Delisle at ceridian.ca]
>Sent: Thursday, April 14, 2005 2:31 PM
>To: SURBL Discussion list
>Subject: RE: [SURBL-Discuss] Capital One redirector
>
>
>I'm not so sure - I suspect they may do nothing, and RBL will 
>go unused.
>
>How will the maintainers of this new RBL deal with either of these 
>scenarios?
>
>A - Mail admins start using the redir-SURBL or whatever 
>they're calling 
>it, and everyone complains that mail from these sites isn't 
>working, and 
>the admins are pressured into disabling the feature.  This 
>will decrease 
>its the RBLs popularity, and there's no pressure on those 
>listed to work 
>to get off the list, since no one's using it.
>
>B - Because big organizations are listed, no one adopts it 
>because they 
>know it will be a nightmare to deal with complaints.  There is 
>no pressure 
>to get off an un-used RBL, so no one changes the bad behaviour.
>
>Maybe I'm missing something, but since these domains are 
>included in SO 
>MANY ham emails, there's no chance I'd think of enabling this in my 
>environment.
>
>Perhaps the redirect-SURBL (or whatever it's called..) could 
>look at the 
>full URL, not just the FQDN.  Really you don't want to block 
>dell.com, you 
>want to block dell.com/some-insecure-redir/foo.php etc.
>
>I hope this didn't all sound negative but to make this effort 
>worthwhile 
>someone has to figure it out. 

All good points John. And don't we haven't thought of that. We will have the
ability to disable all the redirs listed in at our whim. So if it goes that
way, we can do it. We can also right some rules for this. 

It took a awhile for people to block open relays. I expect this will go
exactly the same way.

And please, before Jeff has a heart attack, this has nothing to do with
SURBL. Just call it the Gray URIBL. Otherwise Jeff will have gray hairs ;) 

--Chris 


More information about the Discuss mailing list