On Saturday, April 3, 2004, 12:52:23 PM, Daniel Quinlan wrote: > Jeff Chan <[EMAIL PROTECTED]> writes: >> I agree with the content check, but will step on many toes here >> by proclaiming that other blacklists (other than SBL), name >> servers, registrars, ISP address blocks, and similar approaches >> are overly broad and have too much potential for collateral >> damage *for my sensibilities*.
> There are other blacklists just as accurate as SBL (and some more > accurate). And bear in mind these are secondary checks to lower the > threshold for a URI already reported to SpamCop so the accuracy should > be really good (two 99% accurate features => more than 99% accurate > together). Understood. I never claimed SURBL was a 100% solution to all spam, but I feel it can give some good results which could be useful and probably should not be ignored. I absolutely agree it should be used in conjunction with other RBLs and techniques. >> I really, really hate blacklisting innocent victims. I consider that >> a false accusation or even false punishment. Having policies which >> allow blacklisting an entire ISP or even an entire web server IP >> address have the potential to harm too many innocent bystanders, IMO. >> Your mileage may and probably does vary. ;) > You already have a repeated URL. Not sure what you mean. If you mean a domain fell off the list then came back on, I agree that's possible with the current simple, initial tuning. If you mean there are multiple domains on the list resolving to the same web server or using the same name server, yes, that's definitely going to happen. > Are you just railing about other > blacklists or did you really consider my suggestion? See above. I'm not comfortable with all RBLs or their approaches, but I use some myself. I definitely agree SURBL should be used with other RBLs to catch spams it may miss. The more pre-emptive approach of SBL and others like it seem justified in terms of catching known spam gangs, spamhausen and the like. > I think pre-seeding a whitelist would be a sensible precaution against > joe jobs and the more sporadic (for any one domain, SpamCop has false > positives probably every day) type of false positive. Yes, we are pre-seeding our whitelist. Any whitelists anyone wants to share with us or reference would be gratefully accepted and also hand checked by me before any get added to our whitelist. > I only made these suggestions to > potentially allow you to selectively lower or raise your threshold for > specific URLs based on other data and therefore increase your accuracy > and spam hit rate. Yes and I appreciate your suggestions. I think we may be agreeing more than disagreeing. I will definitely let folks here know when we have a 3.0 plugin, modify URIDNSBL, can find some coding help, etc. Jeff C. -- Jeff Chan mailto:[EMAIL PROTECTED] http://www.surbl.org/
