----- Original Message ----- From: "David Hooton" <[EMAIL PROTECTED]>
> On Wed, 8 Dec 2004 08:03:35 -0800, Bill Landry <[EMAIL PROTECTED]> wrote: > > I agree, and have suggested a whitelist SURBL several times on the SURBL > > discussion list, but it has always fallen on deaf ears - nary a response. > > It would be nice if someone would at least respond as to why this is not a > > reasonable suggestion. > > The floor in offering a DNS based whitelist is that it encourages > people to place a negative score on it. The problem with this is that > spammers can poison messages with whitelisted domains, thereby > bypassing the power of the SURBL I agree, it should not be used as a HAM indicator, way too easy to abuse. I was suggesting that the whitelist be used as a way to exclude the domain from being constantly queried against the SURBL name servers. > The concept of "Whitelist" in the SURBL world is more of an "Exclusion > List" as in "we exclude these domains from being listed" rather than > we consider the presence of these domains in an email to be a good > sign of ham. Exactly. > An excluded domain is therefore ignored in all data and not allocated > a score positively or negatively, so trying to poison a message with > whitelisted domains is therefore pointless. Yep, agree wholeheartedly. > I think we either need to look at a DNS version of > uridnsbl_skip_domain with long TTL's or we should look at releasing a > .cf file. I personally think the more proper implementation may be > the DNS based version in order to avoid BigEvil type situations. Indeed, my thoughts exactly. Bill
