[SURBL-Discuss] RFC: Adding malwaredomains.com data to phishing
list?
Jeff Chan
jeffc at surbl.org
Mon Nov 26 16:14:08 CET 2007
Quoting Joseph Brennan <brennan at columbia.edu>:
>
>
> --On Sunday, November 25, 2007 18:51 -0800 Jeff Chan <jeffc at surbl.org>
> wrote:
>
> > Does anyone have any comments on adding the malware domains at:
> >
> > http://www.malwaredomains.com/
> >
> > to the SURBL phising list, with significant filtering to exclude
> > possible false positives? The actual list would be the third field
> > of:
> >
> > http://www.malwaredomains.com/files/domains.txt
> >
> > The data includes malware and phishing sites.
>
>
> The first field seems to be the URI we would see in mail. Isn't that
> what we would want to search?
>
> Otherwise I don't understand why the third field repeatedly lists
> F-Secure's pages about virus threats at http://www.f-secure.com/weblog/.
> We would not want to interfere with mail referring to F-Secure.
>
> Another third field, www.webhelper4u.com/cws/cwsbyalphanumeric.html,
> listed many many times, is a 404.
Thanks. There are some leading tabs, and the fields are tab-separated, so the
third tabbed field is the first visible one (on uncommented records).
Cheers,
Jeff C.
More information about the Discuss
mailing list