[SURBL-Discuss] Re: sc2 issue (?)
Frank Ellermann
nobody at xyzzy.claranet.de
Mon Nov 14 04:48:28 CET 2005
Jeff Chan wrote:
> Only one report came through SpamCop.
Ugh. Maybe it's filtered on a "per account"
or on a "per reporting IP" base.
> The domain and IPs are not listed in any other RBLs.
One day later they certainly made it to some lists:
wunsch-pen??.com (---4-21-): .multi.surbl.org
Just for fun I also spamcopped the next 19 samples
manually, but at this time it already was on 4+2+1.
> we could say that our tests are not sensitive enough
If you only got one hit from SC the "bug" or "feature"
is on SC's side. Your "known CIDR" accelerator can't
catch them all, they can simply hide in 217 or similar.
> I went ahead and manually blacklisted it anyway,
> assuming it's spam.
Sure like hell it is, maybe the same gang as the "OEM"
crap. And that could be their first smart move, send
German spam to addresses in ccTLD de. But probably
they just send it to any string with an "@". <sigh />
Bye, Frank
More information about the Discuss
mailing list