On Wednesday, March 9, 2005, 8:03:49 AM, Daryl O'Shea wrote: > Chris Santerre wrote: >> This might just be the first time I disagree with you Bob ;) >> >> I don't see how this ruleset will not get abused. If I was a spammer I would >> make sure all my spam hit these rules to let me in. >> >> As a research tool it is great! Already the SURBL whitelist is one of the >> best around thanks to Jeff's work. He went mad for a few weeks and collected >> just about every bit of whitelist info from the net. >> >> IMHO, public negative scoring rules are not a good idea, despite there best >> intentions. Maybe if the airlines made there emails look less like spam? :) >> >> -1 >> >> --Chris (Just my opinion. I've been outruled many times before....its pretty >> fun!)
> How do you propose that whitelist_from_rcvd or whitelist_from_spf be > abused, other than due to a mis configured or compromised server? Oh hang on, it depends on whether it's looking at appropriate headers like whitelist_from_rcvd or whitelist_from_spf do, or whether it's looking at message body URIs do like uridnsbl commands do. As the data was proposed to be collected from local whitelist_from_rcvd lists, apparently it would be for headers. That should be safe, and we could probably still use them to limited effect in SURBLs to keep those domains off SURBLs. It's still a good idea. Jeff C. -- Jeff Chan mailto:[EMAIL PROTECTED] http://www.surbl.org/
