>-----Original Message----- >From: Daniel Quinlan [mailto:[EMAIL PROTECTED] >Sent: Friday, October 08, 2004 2:01 PM >To: Chris Santerre >Cc: 'Jeff Chan'; SURBL Discuss; SpamAssassin Developers >Subject: Re: Revised DMOZ data, got Wikipedia domains too > > >Chris Santerre <[EMAIL PROTECTED]> writes: > >> I think this is just plain nuts to whitelist all of these! Why? If we >> don't try to whitelist the most popular sites, then what the heck it >> the point? We could whitelist millions of legit domains forever. The >> popular ones are the most important. > >The points: > > - whitelisting legitimate domains limits the effectiveness of joe job > attacks that result in FPs in various SURBL blacklists > - whitelisting could be used as negative points for MAIL FROM if > combined with SPF (and more domains is better)
Yeah, but not everyone is using SPF yet. But if they were, sure! > >In addition: > > - I would only whitelist those domains (a) subject to editorial > removal (b) so long as their domain registration is old enough and > (c) so long as they pass other criteria such as no SBL listing for > NS->A. Yeah date seems to be key in more and more cases. Granted a spammer could buy one of these older ones, but hasn't happened often enough. > - I would maintain the automated whitelist separately from the human > edited whitelist and handle it differently. For example, perhaps > automated whitelist entries can only remove a single blacklist hit > (like SpamCop), but to remove two independent blacklist hits, it > requires a human decision. > Did you look at the example from the list I gave? It doesn't even have a web page! Just says testing. I'm all for whitelisting, but popular/useful domains only. >> so: >> -1 for adding all those intersected to WL >> +1 for whitelisting the blacklist hits. > >I think there are other options available due to the miracle of >programming. ;-) > Well like they say around here, "You can't argue with success." But taking away spam points based on an autowhitelist still makes me nervous. But you might have a few tricks up your sleeve D.Q. that I don't know about yet ;) --Chris
