>When was the last time Microsoft got listed in surbl?
>Smaller lists might end up being sent from a false positive domain and 
>the idea is that surbl test pattern
>(queries/minutes, burst/continuous, historical comparisons, geolocation 
>and perhaps other metrics) should
>allow one to differentiate between such a list and a spam run.
Spammers could add some fake URIs like yahoo.com, gmail.com,
microsoft.com to their spam runs so that their mails get a hammy
score (if surbl gives a negative score using some whitelisted URIs).
Also, spammers could use a badly configured, well-intentioned mailing
list like sourceforge.net, or services like yahoo.com, gmail.com,
etc., which could reduce the accuracy. Having a grey +ve score for URIs
queried from MTAs with patterns matching a spam run is a nice idea though.


