On Wednesday, March 9, 2005, 6:20:49 PM, Robert Menschel wrote: > Wednesday, March 9, 2005, 1:00:33 AM, Jeff Chan wrote:
>>> Goal: There are public newsletters, services, etc., which a) do not >>> spam, and b) can easily be mistaken as spam by SpamAssassin for a >>> variety of reasons (overly aggressive custom rules, wrongly taught >>> Bayes system, paid advertising listing SURBL URIs, etc). Though >>> anti-spam devotees see these as opportunities for cleaning up our >>> system, for the purposes of email reliability we want these emails to >>> go through unhindered. JC>> This is something that could potentially be useful to SURBLs as a JC>> whitelist source (used for exclusion from SURBLs), so I'm in JC>> favor of it. Daryl's ideas of a web form feeding a database JC>> and a separately named rule to use it within SA seem like good JC>> suggestions. > In that a whitelisted "from" domain can be assumed to reference its > own domain in URIs within its emails, I agree. A SURBL whitelist > probably should contain these primary domain names, to ensure that > spammers don't pollute SURBL by using/abusing these domains. Yes, that's one of the current functions of the SURBL whitelist: to prevent Joe Jobs of bad guys trying to get legitimate domains listed in SURBLs by mentioning them in spams. > Theo's comment about being able to skip SURBL checks is a good idea > also. In case it's not clear, that's already being done in URIDNSBL.pm. [...] JC>> As you outline it above it seems like it would be a global JC>> publishing of local whitelists where there was strong consensus JC>> about what should be whitelisted. That could be a subset of JC>> the local whitelist_froms of all SpamAssassin installations. JC>> It could also grow into something larger, and that's not JC>> necessarily a bad thing. Collecting up SA local whitelist_froms JC>> is a reasonable place to start. > Problem with the whitelist_from's is that they don't have the rcvd > information needed to prevent abuse. Change that to a collection of > local whitelist_from_rcvd's, and I would agree with you completely. Yes, whitelist_from_rcvd is what I meant, not whitelist_from. :-) Jeff C. -- Jeff Chan mailto:[EMAIL PROTECTED] http://www.surbl.org/