Steve Freegard wrote:
A word of caution. Be very careful how you use the list. The
intended usage for the list is to prevent (or monitor) local users
from sending email to the listed addresses. The phishers frequently
use compromised end-user accounts to receive the phishing replies, so
there is a high risk of false positives, especially if you attempt to
classify messages containing one these addresses as spam.
Thread fork!
Would it be useful to have a similar list for 419 fraud contact addresses?
Discuss...
That was always my intention - there are a couple of us looking at
several methods of automatically listing e-mail addresses present in the
body of spam or the Reply-To header to specifically target stuff that
often slips though with low scores.
I'm also looking at listing URIs that are impossible to list in the
traditional URIBLs e.g. groups.yahoo.com/groupname/message/1
For listing both emails and uri's it would be useful if you could add
regular expressions. I'm not sure how you'd serve such an RBL though
without writing your own custom software or modifying an existing dns
server. Eg, it would be nice if you could add entries like this to the rbl:
^(?i)https?://[a-z]+\.example\.com/unsubscribe\.cgi\?id=\d+$
And:
^(?i)customer-service-[a-z]...@example\.(?:com|co\.uk)$
--
Mike Cardwell
(https://secure.grepular.com/) (http://perlcv.com/)
