https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7835
Bug ID: 7835
Summary: Domain blacklists domain wildcarding
Product: Spamassassin
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Libraries
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: Undefined
The current SA libraries dont take into account that both DBL and SURBL provide
wildcarded lists. They strip down the domain to the base level. Where this
iosnt needed. Due to this the community is missing many listings that are
inside both of those lists.
Now we can submit requests to add domains to the util_rb_2tld files but that
doesnt really scale and its too slow also.
For example:
page.link isnt listed inside SURBL but <abused-subdomain>.page.link is.
And this is just an example to outline.
We see that many of the bad actors are abusing free services. Cloudplatforms
and such and adding domains to 2/3tld files could work but again way to slow.
If you want to take full advantage of the capabilities that SURBL hands to the
community it would be far better to not strip down the domains to the base
level all the time. the same applies for the DBL list that is also wildcarded.
URIBL isnt wildcarded as far as i know but Alex could comment on that.
If you need more info dont hesitate to mail me.
With kind regards, Raymond Dijkxhoorn - SURBL
--
You are receiving this mail because:
You are the assignee for the bug.
