[Mimedefang] SURBL hits - blocking delivery
Kevin A. McGrail
kmcgrail at pccc.com
Mon Jul 7 15:45:46 EDT 2008
I find most RBLs to be below my threshold for false positives except when
used inside a scoring framework like SpamAssassin where they can be used in
conjunction to tag an email.
However, specifically, you are discussing an RBL that is not designed to be
used to block and has numerous warnings about doing so on both the home page
and implementation page.
My only guess as to why you haven't had too many complaints is that your
mail volume is too small or too localized. Heck, last week or so, if you
had been using URIBL to block (like some ISPs were), you would have likely
been blocking emails sent by any outlook / exchange user on the planet
because they accidentally added a schema URI.
> I'm suprised you don't suggest blocking surbl hits. Why is that? I've
> been doing it for a couple years now and nobody has complained. Maybe
> I've been lucky. I tried blocking based on RBL hits a while back, but it
> generated too many local complaints.
> ---- "Kevin A. McGrail" <kmcgrail at pccc.com> wrote:
>> A) I don't suggest using RBLs to block and certainly not SURBL "SURBLs
>> differ from most other lists in that they're used to detect unsolicited
>> messages based on message body URIs (usually web sites). Unlike most
>> lists, SURBLs are not meant to identify messages senders by their message
>> headers or connection IP addresses. Instead they help identify messages
>> the sites mentioned in their message bodies."
>> B) MIMEDefang is usually the answer ;-)
>> C) From Mark Damrose:
>> I submitted a domain_is_blacklisted function, but I don't believe it
>> ever made it into a release. You can get it here
More information about the MIMEDefang