Chris Santerre wrote:
> Matt Kettler wrote:
>> My FPs fall into two categories:
>>
>> 1) URIs that would likely never appear outside of a specialty
>> newsletter. I've
>> had lots of hits on things like:
>> -Authors of programmer's tools
>> -producers of electronic parts
>> -producers of embedded computer systems (Note: embedded, not
>> normal computers..
>> companies like versalogic.com that make parts that only a
>> kiosk manufacturer or
>> extreme geek would use)
>
> Agreed. And we have seen these be more JoeJobs. But some are not. Some
> simply hire mass emailers thinking they are legit, only to find out they
> are not. Just because they are legit for you, doesn't mean they haven't
> spammed someone else. You ask, we remove.
Yes, the only problem is that I'm getting tired of having to track down sample
emails for FPs so I can find which URI a URIBL FPed on.
But really, how often or not a URIBL FP's isn't really the point. The point is
they DO FP, and it's really quite common for FP's to be multi-listed. That
multi-listing wields some hefty score biases, way beyond the power of any other
rule in spamassassin other than BLACKLIST_* and GTUBE.
I merely find it to be a big problem that URIBLs on the general whole are rather
FP prone, and prone to "cascades" of FPs which unleashes havoc from the strong
scores the perceptron gave them.
I think the reason the perceptron gave them such high scores is that a lot of
URIBL FP problems get fixed fairly quickly, within a matter of hours. Ditto for
a lot of FN problems.
By the time the mass-checks are run, the URI's in the corpus emails are likely
well sorted by the reports given to the URIBLs.
> Believe it or not, completely legit people, do spam.
I'll agree with that. However, it' by far more common for an end user to have
signed up for something and then forgot about it. It's particularly common with
small specialty-market companies that only push out 1 or 2 newsletters a year.
That said. I personally have never at any point in my life ever been spammed by
anything resembling a legitimate company that I couldn't track back to a
purchase or subscription that said it would send me marketing information. (In
some cases I overlooked the fact, but upon re-checking I've always found some
check box or disclaimer I missed)
However, I have had 3 legitimate companies fail to stop after I repeatedly
requested they cease using my previously provided address. These are:
at&t
Aberdeen computers (aberdeeninc.com)
@Home
@home is defunct, and I haven't done any business with either of the other
companies for over 4 years.
So you are right, legit companies do sometimes spam. But for 9 out of 10 of the
FP's I've seen, I don't buy it at all.
<snip>
>> a link to a common web-form provider, rttr3 dot com. This hit
>> URIBL_BLACK.
>
> Already removed, and investigatin why it was there. I think it was me
> who added. Humans sometimes make boo boo's :)
>
> Possibly because one of its co-hosted domains sent spam?
Possibly. It's entirely possible they sent mass-email to someone who forgot
they'd signed up. Who knows.
<snip>
>> While URIBL_BLACK is the worst offender, it's not the only.
>> I've had problems
>> with pretty much every URIBL out there, and just this past
>> Friday I had to file
>> with OB.
>
> Well we try. Call me and I'll give you a full refund ;)
Yeah.. I want my 10kb or so of keystrokes back! :)
