[SURBL-Discuss] Re: uk DOT geocities DOT com

Jeff Chan jeffc at surbl.org
Thu Oct 13 08:21:59 CEST 2005


On Wednesday, October 12, 2005, 6:28:48 PM, Frank Ellermann wrote:
> Jeff Chan wrote:
 
>>> If "sc2" will have some shortcut resulting in essentially
>>> the same input it's of course fine,
 
>> It's not the same input; it's a direct, private database
>> query into SpamCop.  Some of the data may be the same, some
>> may not be.

> With "essentially the same input" I meant the manual spam
> reports, spam where SC tried to find some spamvertized URLs.

Yes, it's probably mostly the same content or at least the same
original source (SpamCop reports).

> Good news, SC now uses a working abuse address also for the
> geocities crap, example link taken from their "stats" page: 

> http://www.spamcop.net/sc?track=http://www geocities com/ghadifabecergil/

That just means the parsing is probably working correctly, which
of course is a good first step.

> (add missing dots for a working URL).  So now I'd expect that
> this "vote" later shows up on your WL hit list for geocities.
 
>> I don't want to talk about it further since these are the
>> private arrangements between SpamCop and Yahoo.

> There's nothing private about the new used reporting address,
> network-abuse at cc.yahoo-inc.com is just what ARIN says.

That's not the private Yahoo reporting address.

>> The less we reveal to spammers the better.

> It has still to be enough that I can trust it.  Something is
> phishy if geocities gets some extra-processing only because
> they are big.  For a spamvertized geocities URL SpamCop now
> needs 40 (!) reloads of the parsing until it finds the IP -
> and that's the bad news.

I'm not sure how you are determining this, but if you think
there's a problem with SpamCop's processing you may want to
document it and let them know.  Please remember that they are
trying to stop spam too.  They are not the enemy.

> I've no idea what the problem is, but it wouldn't surprise me
> if somebody working from within Yahoo! tries to play games with
> SpamCop.  OTOH I'd doubt that these persons control everything,
> maybe network-abuse at cc.yahoo-inc stops this "insider business".

Far more likely Yahoo is a very big, rapidly-growing company with
many different departments that don't always coordinate things.

Jeff C.
--
Don't harm innocent bystanders.



More information about the Discuss mailing list