spamassassin-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Quinlan <quin...@pathname.com>
Subject Re: Announcing SpamCopURI 0.08 support of SURBL for spam URI domain tests
Date Sat, 03 Apr 2004 08:34:24 GMT
Jeff Chan <jeffc@surbl.org> writes:

> Can you cite some examples of FP-prevention strategies?

1. Automated testing.  We're testing URLs (web sites).  That allows a
   large number of strategies which could be used from each aspect of
   the URL.

     A record
       check other blacklists
       check IP owner against SBL 
     domain name
       check name servers in other blacklists
       check registrar
       check age of domain (SenderBase information)
       check ISP / IP block owner (SenderBase, SBL, etc.)
     web content
       check web site for common spam web site content (porn, drugs, credit
	 card forms, empty top-level page, etc.)

   Any of those can also be used in concert with threshold tuning.  For
   example, lower thresholds if a good blacklist hits and somewhat
   higher thresholds for older domains.

2. Building up a long and accurate whitelist of good URLs over time
   would also help.  Maybe work with places that vouch for domain's
   anti-spam policies (Habeas, BondedSender, IADB) to develop longer
   whitelists.

3. Using a corpus to tune results and thresholds (also whitelist
   seeding).

Daniel

-- 
Daniel Quinlan                     anti-spam (SpamAssassin), Linux,
http://www.pathname.com/~quinlan/    and open source consulting

Mime
View raw message