Return-Path: Delivered-To: apmail-incubator-spamassassin-dev-archive@www.apache.org Received: (qmail 64027 invoked from network); 3 Apr 2004 09:46:05 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 3 Apr 2004 09:46:05 -0000 Received: (qmail 79316 invoked by uid 500); 3 Apr 2004 09:45:39 -0000 Delivered-To: apmail-incubator-spamassassin-dev-archive@incubator.apache.org Received: (qmail 79247 invoked by uid 500); 3 Apr 2004 09:45:39 -0000 Mailing-List: contact spamassassin-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: List-Id: "SpamAssassin Development" Delivered-To: mailing list spamassassin-dev@incubator.apache.org Received: (qmail 79232 invoked from network); 3 Apr 2004 09:45:38 -0000 Received: from unknown (HELO smtp1.supranet.net) (66.170.1.10) by daedalus.apache.org with SMTP; 3 Apr 2004 09:45:38 -0000 Received: from jeffc (adsl-209-204-169-179.sonic.net [209.204.169.179]) (authenticated bits=0) by smtp1.supranet.net (8.12.10/8.12.10) with ESMTP id i339jo1l091392 (version=TLSv1/SSLv3 cipher=DES-CBC3-SHA bits=168 verify=NOT) for ; Sat, 3 Apr 2004 03:45:51 -0600 (CST) Date: Sat, 3 Apr 2004 01:45:51 -0800 From: Jeff Chan X-Mailer: The Bat! (v1.62q) Personal Reply-To: Jeff Chan X-Priority: 3 (Normal) Message-ID: <1577685710.20040403014551@supranet.net> To: SpamAssassin Developers Subject: Re: Announcing SpamCopURI 0.08 support of SURBL for spam URI domain tests In-Reply-To: <93922630.20040403012944@supranet.net> References: <20040402232714.05E3759001D@radish.jmason.org> <1953749737.20040402162524@supranet.net> <93922630.20040403012944@supranet.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N On Saturday, April 3, 2004, 1:29:44 AM, Jeff Chan wrote: > On Saturday, April 3, 2004, 12:34:24 AM, Daniel Quinlan wrote: >> domain name >> check name servers in other blacklists >> check registrar >> check age of domain (SenderBase information) >> check ISP / IP block owner (SenderBase, SBL, etc.) > name > servers, registrars, ISP address blocks, and similar approaches > are overly broad I should add that I fully understand that there are rogue ISPs, rogue name servers, rogue netblocks, etc., all of which deserve something much stronger than simply being rejected, blocked or blackholed. But SBL aside, it can be difficult to successfully identify the true bad guys using the above without catching too many innocents in the same net. That said, I use several of these other RBLs myself. I'm not necessarily opposed to them, but feel our approach with SURBL *adds* something hopefully new and effective. Jeff C. -- Jeff Chan mailto:jeffc@surbl.org-nospam http://www.surbl.org/