https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8281
Bug ID: 8281 Summary: remove uribl.com from default ruleset Product: Spamassassin Version: unspecified Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Rules Assignee: dev@spamassassin.apache.org Reporter: a...@boxyfrog.com Target Milestone: Undefined uribl.com lists are checked as part of the SpamAssassin default ruleset. uribl.com now adds domains to its blacklist [sic] simply when the domain registrar is one they declare "bad". Domains should be added to a blocklist only when they are actually observed to be sending spam. Domains that have no history of sending spam should be delisted upon request. urlbl.com has told me that namesilo and cloudflare, both very popular registrars, are unacceptable. Simply registering one's domain with one of them will get you on the blocklist, even if you send no spam and your email server is properly secured. The will not delist a domain registered with one of these registrars, even if there is no other basis for its listing. I could understand maybe listing IP addresses belonging to VPS hosters with a poor history of handling abuse... but domain registrars?!? This contradicts urlbl.com's own published policy, which states that black.uribl.com "contains domain names belonging to and used by spammers, including but not restricted to those that appear in URIs found in Unsolicited Bulk and/or Commercial Email (UBE/UCE). This list has a goal of zero False Positives." uribl.com no longer follows its own published policies. Listing domains based solely on their registrar will surely lead to a large number of false positives. I propose that having uribl.com lists checked by default delivers a bad experience for users, and this should be removed from the ruleset. -- You are receiving this mail because: You are the assignee for the bug.