> Now that I think about this, why shouldn't we do the lookup for mailto: URIs?
There is a class of spam that sticks completely bogus contact information into the text-only part of the message. This is bogus in the sense of being completely unrelated to the spam, but it appears probable that it is a form of joe-job for whoever has been selected from what appears to be a list of corporate contact names for Asian companies. If you got an SURBL hit on such an address it would be pure happenstance. Other than those cases I don't have any statistics other than gut feeling; but I think the prevelence of valid mailto links in spam, pointing to the spam domain, is close to nil. Virtually all of the mailto links I can recall seeing were in 'unsubscribe' links, and most of those appeared to be completely bogus at the outset. Thus, I think that while there is a "valid" hostname in a mail link, it probably would be a good idea to NOT process it through surbls.
