Godaddy misusing the PBL?

According to Justin Mason, domain registrar (and email/web hoster) Godaddy is misusing the Spamhaus PBL: Using it as a URL filter. This is where you convert a URL hostname to its IP address, then look up that IP address (or its nameserver) on an IP-based blacklist. Great idea. I do it with the SBL. It's a horribly bad idea for the PBL, though, because the PBL is not meant to be a list of things that aren't allowed to have web servers. Using it this way is going to cause false positives like mad.

1 comment:

  1. Looking at Justin's post, they are doing this for XBL too, which is also wrong.

    I've seen two similar issues in recent months:

    (1) Some spam filters which check ALL IPs in the header against RBLs. This will cause many FPs if one of those RBLs is Zen, PBL, or XBL. GFI is one of the filters that uses this flawed strategy. I tried to explain this to them, but they still didn't 'get it'.

    (2) Some spam filters check URI blacklists against the domain extracted from the "from" e-mail address. Whether this is the one in the SMTP envelope and/or the one in the header, it is a useless tactic because, even if the message is a spam, that FROM address is most likely either (a) forged, or (b) a free-mailer domain, like gmail, yahoo, hotmail, etc.

    In fact, I'm currently talking to a company who makes a software spam filter and they are actually making some progress towards fixing this. So I won't mention which one since they seem to be fixing this right now.

    (URI blacklists are *only* suppose to be used for checking against domains found in the body of the message--and that is where they are most effective with the least FPs!)

    ReplyDelete

Comments policy: Al is always right. Kidding, mostly. Be polite, and you're welcome to join in, even if it's a differing viewpoint.