On Tuesday, July 20, 2004, 4:02:56 PM, Kenneth Porter wrote: > I use Logwatch (http://logwatch.org/) to get nightly dumps of the > "interesting" parts of my Linux logs. Today's report was tagged by SA > 3.0pre2 because the mailserver part listed several URI's in SURBL's:
> 1.1 BIZ_TLD URI: Contains a URL in the BIZ top-level domain > 1.3 URIBL_SBL Contains a URL listed in the SBL blocklist > [URIs: detailpills.biz rosepharma.biz] > [justpharma.biz] > 2.0 URIBL_WS_SURBL Contains a URL listed in the WS SURBL blocklist > [URIs: justpharma.biz] > 1.0 URIBL_OB_SURBL Contains a URL listed in the OB SURBL blocklist > [URIs: detailpills.biz rosepharma.biz] > [justpharma.biz] > Extract from the problem report: >> Unresolved sender domains: >> [EMAIL PROTECTED]: 1 Time(s) >> [EMAIL PROTECTED]: 1 Time(s) >> [EMAIL PROTECTED]: 1 Time(s) >> [EMAIL PROTECTED]: 1 Time(s) >> [EMAIL PROTECTED]: 1 Time(s) >> >> Total: 5 > Is whitelisting my only recourse here or is there some more elegant and > general solution? The correct answer is to *not process* your spam-fighting mailing list messages, log messages, or anything else that might legitimately mention spammer domains with SpamAssassin. FWIW I whitelisted logwatch.org in SURBLs, meaning logwatch.org itself will never appear in SURBLs. Jeff C. -- Jeff Chan mailto:[EMAIL PROTECTED] http://www.surbl.org/
