spamassassin-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Chan <je...@surbl.org>
Subject Re: Announcing SpamCopURI 0.08 support of SURBL for spam URI domain tests
Date Sat, 03 Apr 2004 21:40:06 GMT
On Saturday, April 3, 2004, 12:52:23 PM, Daniel Quinlan wrote:
> Jeff Chan <jeffc@surbl.org> writes:
>> I agree with the content check, but will step on many toes here
>> by proclaiming that other blacklists (other than SBL), name
>> servers, registrars, ISP address blocks, and similar approaches
>> are overly broad and have too much potential for collateral
>> damage *for my sensibilities*.

> There are other blacklists just as accurate as SBL (and some more
> accurate).  And bear in mind these are secondary checks to lower the
> threshold for a URI already reported to SpamCop so the accuracy should
> be really good (two 99% accurate features => more than 99% accurate
> together).

Understood.  I never claimed SURBL was a 100% solution to all
spam, but I feel it can give some good results which could be
useful and probably should not be ignored.  I absolutely agree
it should be used in conjunction with other RBLs and techniques.

>> I really, really hate blacklisting innocent victims.  I consider that
>> a false accusation or even false punishment.  Having policies which
>> allow blacklisting an entire ISP or even an entire web server IP
>> address have the potential to harm too many innocent bystanders, IMO.
>> Your mileage may and probably does vary.  ;)

> You already have a repeated URL.

Not sure what you mean.  If you mean a domain fell off the list
then came back on, I agree that's possible with the current
simple, initial tuning.  If you mean there are multiple domains
on the list resolving to the same web server or using the same
name server, yes, that's definitely going to happen.

> Are you just railing about other
> blacklists or did you really consider my suggestion?

See above.  I'm not comfortable with all RBLs or their
approaches, but I use some myself.  I definitely agree
SURBL should be used with other RBLs to catch spams it
may miss.  The more pre-emptive approach of SBL and others
like it seem justified in terms of catching known spam
gangs, spamhausen and the like.

> I think pre-seeding a whitelist would be a sensible precaution against
> joe jobs and the more sporadic (for any one domain, SpamCop has false
> positives probably every day) type of false positive.

Yes, we are pre-seeding our whitelist.  Any whitelists
anyone wants to share with us or reference would be gratefully
accepted and also hand checked by me before any get added
to our whitelist.

> I only made these suggestions to
> potentially allow you to selectively lower or raise your threshold for
> specific URLs based on other data and therefore increase your accuracy
> and spam hit rate.

Yes and I appreciate your suggestions.  I think we may be
agreeing more than disagreeing.

I will definitely let folks here know when we have a 3.0
plugin, modify URIDNSBL, can find some coding help, etc.

Jeff C.
-- 
Jeff Chan
mailto:jeffc@surbl.org-nospam
http://www.surbl.org/


Mime
View raw message