[Mimedefang] SURBL hits - blocking delivery

Kevin A. McGrail kmcgrail at pccc.com
Mon Jul 7 15:45:46 EDT 2008

I find most RBLs to be below my threshold for false positives except when 
used inside a scoring framework like SpamAssassin where they can be used in 
conjunction to tag an email.

However, specifically, you are discussing an RBL that is not designed to be 
used to block and has numerous warnings about doing so on both the home page 
and implementation page.

My only guess as to why you haven't had too many complaints is that your 
mail volume is too small or too localized.  Heck, last week or so, if you 
had been using URIBL to block (like some ISPs were), you would have likely 
been blocking emails sent by any outlook / exchange user on the planet 
because they accidentally added a schema URI.


> I'm suprised you don't suggest blocking surbl hits.  Why is that?  I've 
> been doing it for a couple years now and nobody has complained.  Maybe 
> I've been lucky.  I tried blocking based on RBL hits a while back, but it 
> generated too many local complaints.
> andrew
> ---- "Kevin A. McGrail" <kmcgrail at pccc.com> wrote:
>> A) I don't suggest using RBLs to block and certainly not SURBL "SURBLs
>> differ from most other lists in that they're used to detect unsolicited
>> messages based on message body URIs (usually web sites). Unlike most 
>> other
>> lists, SURBLs are not meant to identify messages senders by their message
>> headers or connection IP addresses. Instead they help identify messages 
>> by
>> the sites mentioned in their message bodies."
>> B) MIMEDefang is usually the answer ;-)
>> C) From Mark Damrose:
>> I submitted a domain_is_blacklisted function, but I don't believe it
>> ever made it into a release.  You can get it here
>> http://mimedefang.org/kwiki/index.cgi?UseSURBL

More information about the MIMEDefang mailing list