Rob McEwen wrote:
Marc,
I'm interested in participating. I'll send you an e-mail off-list with some
questions about participation.
Thanks for starting this!
On-list, I do have the following questions:
(1) I understand that your goal for the "black" list is for it to be a
"FP-safe" blacklist where an IP which might have ANY legit uses in the past
or where the spam sent is questionable wouldn't be listed there, correct?
In order to be listed I have to have 25 reports and the accumulated
tracking is 99% spam. So it's hard to be accidentally listed.
(2) I understand that your whitelist is for servers which are deemed to
never be the source of spam? So servers like Yahoo, etc where much 419 scam
originates from would never be on the whitelist... only stuff like a bank's
own servers, etc... correct?
Yahoo would be yellow listed - banks would be whitelisted. You have to
be 99%+ ham to get whitelisted. Yellowlisted means that you send some
ham so if a host is yellowlisted to you skip any blacklist tests.
(3) Finally, I'm most confused about the yellowlist. To help me understand
it better, what was the rational behind having a yellowlist versus simply
having these types not appear as "black" or "white"... or, better yet, how
would you suggest treating a "yellow" return code compared to a "not found"
return code?
Yellow listing is to prevent hosts from accidentally being blacklisted
because some spammer sent out spam. It would prevent servers like yahoo,
hotmail, comcast etc from being blacklisted.
The idea here isn't that this is a total spam solution. It's just a
front end to process a lot of email before spam assassin.
