[SURBL-Discuss] RFC: Adding malwaredomains.com data to phishinglist?

Jeff Chan jeffc at surbl.org
Wed Nov 28 09:46:09 CET 2007


Quoting "Phil (Medway Hosting)" <phil at medwayhosting.com>:

> Seems to me that if the SOURCE of the data is reliable and correct (in that
> the site DOES contain [malware]), but the domain is whitelisted somewhere,
> then it's a good reason to remove the whitelisting. Not to remove the
> listing from the [malware] list.

We use our whitelist internally to exclude domains from blacklisting.  If a site
is whitelisted, it is generally assumed to be a responsible operation that would
actively correct compromised sites, remove malware content, phishing sites,
spammed sites, etc.  Therefore the logic of un-doing the whitelisting if
malware appears would be arguably incorrect.  The ones who are whitelisted are
the ones likely to do the right thing.

Jeff C.


More information about the Discuss mailing list