You are duplicating effort and doubling the results here::
sbl-xbl.spamhaus.org contains the SBL, CBL, Blitzedall and subset of the
NJABL data
http://www.spamhaus.org/xbl/index.lasso
BLITZEDALL ip4r opm.blitzed.org * 3 0
CBL ip4r cbl.abuseat.org 127.0.0.2 3 0
SBL ip4r sbl-xbl.spamhaus.org* 3 0
NJABL ip4r dnsbl.njabl.org 127.0.0.2 3 0
NJABLFORMS ip4r dnsbl.njabl.org 127.0.0.8 2 0
NJABLPROXYS ip4r dnsbl.njabl.org 127.0.0.9 2 0
NJABLSOURCES ip4r dnsbl.njabl.org 127.0.0.4 2 0
I certainly wouldn't weight these two tests the same:
You'll find lots of false positives on the suspicious test
MXRATE-BLOCK ip4r pub.mxrate.net 127.0.0.2 3 0 MXRATE-SUSPICIOUS
ip4r pub.mxrate.net 127.0.0.4 3 0
I'd be leary of the weights here:
This returns 25% spam, 75% ham here.
FIVETENOPTIN ip4r blackholes.five-ten-sg.com 127.0.0.4 2 0
75% spam, 25% ham for this one:
FIVETENIGNORE ip4r blackholes.five-ten-sg.com 127.0.0.7 2 0
these could be interesting additions:
UCEPROTECT-LEVEL1 ip4r dnsbl-1.uceprotect.net * yourweight 0
UCEPROTECT-LEVEL2- ip4r dnsbl-2.uceprotect.net * yourweight 0
WHOIS-BOGONS-DYNA ip4r combined-HIB.dnsiplists.completewhois.com 127.0.0.2
yourweight 0
WHOIS-HIJACKED-DYNA ip4r combined-HIB.dnsiplists.completewhois.com 127.0.0.3
yourweight 0
WHOIS-INVALID-DYNA ip4r combined-HIB.dnsiplists.completewhois.com 127.0.0.4
yourweight 0
In general looking at your weighting,
I see very effective tests SBL, SPamcop, CBL with a weight of only one point
more than less effective tests.
You didn't mention how much weight it takes for your subject
tag/hold/delete, so it's hard to comment on the weights.
I have the SBL CBL at 100% of my subject tag weight and Spamcop at 70% of
my subject tage weight.
blackholes.intersil.net has a very low hit rate. Is it worth running?
- Original Message -
From: Travis Sullivan [EMAIL PROTECTED]
To: Declude.JunkMail@declude.com
Sent: Tuesday, September 20, 2005 6:51 PM
Subject: [Declude.JunkMail] critique my global.cfg file with regards to
blacklist use
DSBL ip4r list.dsbl.org * 3 0
ORDB ip4r relays.ordb.org * 3 0
SPAMCOP ip4r bl.spamcop.net 127.0.0.2 3 0
SERVICESNET ip4r korea.services.net* 3 0
ORID ip4r dnsbl.antispam.or.id127.0.0.2 3 0
FABELSOURCES ip4r spamsources.fabel.dk127.0.0.2 3 0
AHBL ip4r dnsbl.ahbl.org * 3 0
BLITZEDALL ip4r opm.blitzed.org * 3 0
CBL ip4r cbl.abuseat.org 127.0.0.2 3 0
SBL ip4r sbl-xbl.spamhaus.org* 3 0
NJABL ip4r dnsbl.njabl.org 127.0.0.2 3 0
NJABLDUL ip4r combined.njabl.org127.0.0.3 3 0
NJABLFORMS ip4r dnsbl.njabl.org 127.0.0.8 2 0
NJABLPROXYS ip4r dnsbl.njabl.org 127.0.0.9 2 0
NJABLSOURCES ip4r dnsbl.njabl.org 127.0.0.4 2 0
SORBS-HTTP ip4r dnsbl.sorbs.net 127.0.0.2 2 0
SORBS-SOCKS ip4r dnsbl.sorbs.net 127.0.0.3 2 0
SORBS-MISC ip4r dnsbl.sorbs.net 127.0.0.4 2 0
SORBS-SMTP ip4r dnsbl.sorbs.net 127.0.0.5 2 0
SORBS-SPAM ip4r dnsbl.sorbs.net 127.0.0.6 2 0
SORBS-WEB ip4r dnsbl.sorbs.net 127.0.0.7 2 0
SORBS-BLOCK ip4r dnsbl.sorbs.net 127.0.0.8 2 0
SORBS-ZOMBIE ip4r dnsbl.sorbs.net 127.0.0.9 2 0
SORBS-DUHL ip4r dnsbl.sorbs.net 127.0.0.10 2 0
FIVETENDUL ip4r blackholes.five-ten-sg.com 127.0.0.3 2 0
FIVETENFREE ip4r blackholes.five-ten-sg.com 127.0.0.12 2 0
FIVETENIGNORE ip4r blackholes.five-ten-sg.com 127.0.0.7 2 0
FIVETENKLEZ ip4r blackholes.five-ten-sg.com 127.0.0.10 2 0
FIVETENMULTI ip4r blackholes.five-ten-sg.com 127.0.0.5 2 0
FIVETENOPTIN ip4r blackholes.five-ten-sg.com 127.0.0.4 2 0
FIVETENOTHER ip4r blackholes.five-ten-sg.com 127.0.0.9 2 0
FIVETENSINGLE ip4r blackholes.five-ten-sg.com 127.0.0.6 2 0
FIVETENSRC ip4r blackholes.five-ten-sg.com 127.0.0.2 2 0
FIVETENTCPA ip4r blackholes.five-ten-sg.com 127.0.0.11 2 0
FIVETENWEBFORM ip4r blackholes.five-ten-sg.com 127.0.0.8 2 0
CSMA-SBL ip4r sbl.csma.biz 127.0.0.2 2 0 JAMMDNSBL ip4r
dnsbl.jammconsulting.com127.0.0.2 2 0 INTERSIL ip4r
blackholes.intersil.net 127.0.0.2 2 0 MXRATE-BLOCK ip4r
pub.mxrate.net 127.0.0.2 3 0 MXRATE-SUSPICIOUS ip4r
pub.mxrate.net 127.0.0.4 3 0 SPAMBAG ip4r blacklist.spambag.org
127.0.0.2 2 0
DSN rhsbl dsn.rfc-ignorant.org127.0.0.2 3 0
NOABUSE rhsbl abuse.rfc-ignorant.org127.0.0.4 1 0
NOPOSTMASTER rhsbl postmaster.rfc-ignorant.org 127.0.0.3 1 0
BOGUSMX rhsbl bogusmx.rfc-ignorant.org 127.0.0.8 3 0
DNSILLEGAL rhsbl in.dnsbl.org 127.0.0.5 3 0
DNSFRAUD rhsbl in.dnsbl.org 127.0.0.3 3 0
DNSMAILLIST rhsbl in.dnsbl.org 127.0.0.6 3 0
DNSPROMO rhsbl in.dnsbl.org 127.0.0.4 3 0
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail. The archives can be found