SURBL -- Links

Links

SURBL SURBL+ Checker Look up IPs and domains on all SURBLs SURBL Nameserver Status SURBL announcement and discussion mailing lists SURBLs mentioned on Slashdot and again with the release of SpamAssassin 3 ws.surbl.org partial data source: sa-blacklist, policy SURBL inclusion policy for manual list ws.surbl.org, partially applied to other lists also Open Letter To Operators Of Redirection Sites
Mirroring zone files locally rbldnsd is highly recommended as a very fast DNS server specifically meant to serve up list zones. Use it with rsync to get the zone files from the list providers. Note that there is a Windows port of rbldnsd. rsync offers efficient, incremental, error-corrected file transfer and updating between similar and different platforms such as Posix (UNIX), Windows, etc. Jeff Chan's rbldnsd with BIND under FreeBSD describes how to locally mirror list zone files when running both BIND and rbldnsd under FreeBSD Michele Neylon's DNS Blacklists - Setting up a local mirror explains how he set up rbldnsd and rsync with BIND under Unix/BSD/Linux. rbldnsd howto contains Bob Cottrell's notes on how he set up rbldnsd with rsync under Solaris. Includes information about setting up port forwarding in BIND when running both types of name servers on the same host. NJABL's tips for running rbldnsd and rsync (local copy) is a guide to setting up and running, including port forwarding in BIND 8 and 9 so that rbldnsd can run on an existing BIND server. Applies equally well to SURBLs and other lists. FAQ for rbldnsd and dnscache Rick Macdougall has written up how he set up rbldnsd to run on the same name server as dnscache from djbdns. Using BIND and rsync to cache list zones While rbldnsd is prefered for many reasons, we present steps for using BIND to do it. Mike Atkinson's how to for converting rbldnsd stats to MRTG graphs. (local copy) SURBL rsync request form
SpamAssassin SpamAssassin 3 includes a plugin with SURBL use enabled by default: URIDNSBL config SpamAssassin 2.63 and 2.64 Plugin for use with SURBL: SpamCopURI How to use SpamAssassin 2.63 with SpamCopURI and SURBL in Win32 (Windows) How To Use SpamAssassin on Win32 (Windows) by Michael Bell (original location) How to use an Exchange SMTP Transport Event Sink with SpamAssassin (Windows)
Programs which use SpamAssassin and support SURBLs MIMEDefang - Anti-virus and anti-spam Milter for Unix AMaViS - Anti-virus and anti-spam Milter for Unix MailScanner - Anti-virus and anti-spam Milter for Unix Qmail-Scanner - Content Scanner for Qmail mail server Qmail Toaster setup for SURBLs on Qmail Merak Mail Server Windows mail server with anti-virus, anti-spam, etc. MDaemon Windows mail server with anti-virus, anti-spam, etc. VisNetic Mail Server by Deerfield.com uses SpamAssassin and SURBLs. GEE Whiz spam and virus filtering for GroupWise and NetMail adds SURBL support in version 2.0 babycart filters text through SpamAssassin SpamAssassin's list of third party software
Windows programs supporting SURBLs Mail Server Content Filter Filters mail in Merak Mail, Microsoft Exchange 2000 and Communigate Pro (Windows version) using regular expressions matching RBL, domain, user or IP addresses against any part of message. Configurations are written in XML. ORFilter is a free-ware Exchange plug in which suppports SURBLs Policy Patrol by Red Earth Software adds SURBL support to their commercial anti-spam add-on for Exchange. XWall for Microsoft Exchange supports SURBLs. GFI MailEssentials v11 adds SURBL support to Exchange, Lotus Notes and other popular SMTP/POP3 servers. Vamsoft's ORF Enterprise Edition adds SURBL suppport to Windows 2000 and 2003 versions of Exchange and IIS SMTP Service (IIS 5 or 6). STAT AntiSpam has open-source SURBL support in antispam filter set for the freeware Windows mail server Mercury/32. NEMX Power Tools for Exchange Server supports SURBLs. Sunbelt Software's Ninja Email Security adds SURBL support to its integrated plug-in architecture for antispam, antivirus, disclaimers, and attachment filtering in Microsoft Exchange environments. ASTPS adds SURBL support to Clearswift MIMEsweeper, MailMarshal, and other Windows mail scanners which support external programs. Yasu is an open source Win32 or Windows 2000 program to check URIs against SURBLs in Clearswift Mailsweeper and other Windows mail systems that can run external scripts. Invariant Systems' URI extraction tool invURIBL is a Windows program to check message body URIs against SURBLs for example, from Declude for Imail. It can be used as a standalone program or as a general plug in to Windows mail servers. SURBL_filter.zip is a command script checks SURBL sites against message bodies in Declude JunkMail, which is an add-on to the Windows mail server Ipswitch IMail. MTS Professional is a low cost, full-featured SMTP/POP3 based email server for Windows NT4/2000/XP. MTS Professional now supports SURBLs. Trash Finder is a plugin for the free IMS mail server on Windows. The subscription version of Trash Finder supports SURBLs. ALOAHA is a transparent SMTP Proxy for Windows which supports SURBLs. (See also how to use SpamAssassin with Windows above.)
Other programs and services using SURBLs milter-link for Sendmail checks message body URIs against SURBLs, or after domain resolution against RBLs. Written in C, milter-link does on-the-fly MIME decoding without using temporary files. milter-link now works with Postfix 2.3 via its new Sendmail 8 milter support. MEFilter, a bolt-on for the MailEnable mail server, adds beta SURBL support. Test results are very favorable. milter-uri.pl is a basic Sendmail milter written in Perl using Sendmail::PMilter and SpamAssassin libraries. j-chkmail Sendmail milter for detecting viruses and spam. A standalone C program PTSMail Utilities are designed to manage sendmail under Unix. Uses a web interface to manage virus and spam filtering, quotas, etc. Now supports SURBLs. Using SURBLs with the Exim MTA provides a perl routine that can be used with "any other MTA that can call an external process to scan a message." qmail and qmail-ldap patches to use SURBLs. Here are local copies of the Regular patch, Qmail-ldap patch and Documentation. uribl plugin for SURBLs in qpsmtpd, a perl smtpd with MTA function and plugin capability, announcement Kaspersky Anti-Spam adds SURBL support starting with Open Beta 3.0. Operates as a standalone filter or with sendmail, qmail, CommuniGate Pro, Postfix or Exim. MailMarshal for Exchange and general SMTP servers protects enterprise mail against viruses and spam and now supports SURBLs. (Here's their Knowledge Base article about using SURBLs.) MailStripper by Eridani Star System is an MTA independent, UNIX SMTP spam filter with anti-virus capability that now supports SURBLs. Guardian Digital, a Linux security company, uses SURBLs in their Secure Mail Suite . Here's the press release about it. NetWin adds SURBL support to their multi-platform email, groupware and instant messaging server, SurgeMail. Hexamail adds SURBL support to the latest version of their Windows/Linux server-side spam blocker Hexamail Guard. MicroWorld includes SURBL support in their eScan and MailScan products. GWAVA version 3.5 adds SURBL support to the GroupWise MTA under Novell Netware. Camel's Eye, a GPL'd client-side Java POP3/SMTP proxy, now has support for SURBL." SpamPal, a client-side filter, now has SURBL support via Alain de Camps' version of the URLBody plugin. SimpleFilter is a POP3 proxy and SMTP service offering pre-filtering of mail and marking of spam subject lines. Uses SURBLs and other techniques. LogSat's SPAMFilter ISP spam and virus mail filtering service now has SURBL support. Drupal CMS, a web Content Management System now has SURBL support via Jeremy Andrews' spam_surbl module, which is written in PHP. Here is his announcement about it. Drupal allows users to publish web content, organize discussion communities, run blogs, collaborate on projects, etc. FirstClass, a messaging and groupware system for schools and businesses, adds SURBL support starting with version 8.1. surblhost is a simple C command line program to query SURBLs, written by Christian Stigen Larsen. surblhost is used by memurl.com to deny redirection services to spammers. Suri does SURBL checks on mail stored in files, adapted from Devin Carraway's plugin to qpsmtp. General-purpose program usable with amavisd and others. rxwhois.cmd OS/2 whois client whois client for anti-spam use includes SURBL checks
Other URI blacklists mailpolice Offers seven content-based blocklists mostly compatible with programs that use SURBL. mailpolice's fraud list is currently included in ph.surbl.org. URIBL.com Karmasphere "An open platform for sharing reputation data."
Other resources SpamCop reporting site, feeds URI sites into sc.surbl.org. SpamCop Spamvertised Sites The Spamhaus Project "tracks the Internet's Spammers, Spam Gangs and Spam Services, provides dependable realtime anti-spam protection for Internet networks, and works with Law Enforcement to identify and pursue spammers worldwide." spam@uce.gov The email submission address of the United States Federal Trade Commission should be used by everyone to report unsolicited messages. The submitted messages are stored and indexed and are used in U.S. Federal, State and local government cases against senders of unsolicited messages. Here's a link to the FTC ruling that web site owners are responsible for sending of unsolicited messages by their affiliates.
Best Current Practices (BCP) for Email Marketing Canadian Federal Task Force on Spam Messaging Anti-Abuse Working Group (MAAWG) Sender Best Communications Practices Lyris Opt-in and permission-based email marketing The Spamhaus Project Opt-in vs Opt-out LINX Best Current Practice for the running of mailing lists MAPS Guidelines for proper mailing list management The SuretyMail Email Deliverability Wiki A marketing-oriented site ClickZ SpamCon foundation Best practices links
Organizations that can help with mail practices: ISIPP: Institute for Spam and Internet Public Policy Unspam A consulting and services company "helping governments craft effective contact control laws and assisting legitimate businesses in complying with them" Habeas "Habeas provides solutions to help legitimate email get delivered." Sender Score Certified (formerly Bonded Sender)
Free Windows malware and vulnerability tools: Spybot - Search & Destroy Ad-Aware AVG Anti-Virus Free Edition myNetWatchman SecCheck -- often finds cracked programs that others don't. Be sure to check "Hash Report" when it completes. Trend Micro Rootkit Buster McAfee Avert Stinger Secunia Network Software Inspector Nessus vulnerability scanner

Acknowledgements

Hosting: SupraNet; MultiKabel N.V.; Prolocation; Sonic.net
People (in no particular order): Eric Kolve, Raymond Dijkxhoorn, Justin Mason, Daniel Quinlan, Julian Haight, Sidney Markowitz, Kelsey Cummings, Jacob Davida, Erik O'Connor, Bill Stearns, Chris Santerre, all the folks and organizations providing data and name service, and the many other people without whom this project would not be possible. You know who you are! :-) Our thanks to all!

Some comments about SURBLs

Catherine Hampton, spambouncer.org:: "The results have been nothing short of amazing; the only blocklists that come even close [to SURBLs] in terms of quantities of spam stopped are the SBL and CBL. Given that you don't even need to look up host IPs to check the SURBL, it has to qualify as one of the most useful BLs I've ever tried."
Ben Poliakoff, Reed College:: "SURBL use has enhanced SpamAssassin's accuracy tremendously."
Bob Harbour, President, Harbour Communication:: "The improvements in the last 2 weeks has been amazing with the addition of the SURBLs and the SpamAssassin 3. I am beginning to get calls from customers wondering if we are having problems with our mail server because they are not getting as much junk mail as they were."
Matt Yackley, Network Engineer, Perkins + Will, Inc.:: "SURBL is one of the best tools available to help SpamAssassin catch more spam than ever before."
Lindsay Snider, Cumberland Technologies Inc.:: "SURBL has been excellent for us. Before SURBL, we continued to add and update SpamAssassin rules to try and catch spam as it changed over time. Eventually, we began to see our false positive level gradually increase, hence lowering our trust in the system. We went back to basics using a stock SpamAssassin with the safe SARE rules. We then turned up SURBL and ever since then our scores have been a good deal more accurate. Our false positive rate is zero or very near, and very little spam gets through untagged anymore."
Ross Carlson, Metacraft Internet Services:: "I upgraded to the latest amavisd-new and SA, enabled the DNSBL checks and now the system is tagging about 40% of the incoming mail as spam, compared to about 5% before. I've had nearly 4,000 messages come through in the last 22 hours that had URIs in the SURBL. Love it!"
Partial list of organizations using SURBLs:: Easynet France, Tiscali Benelux, Wanadoo NL, SpamCop, XMission Internet, Excel.Net, Electric Mail Company, Sonic.net, Alice's Registry, Inc., MailGuard Pty. Limited, mail-cleaner.com, Superb Internet Corp., Pacific Internet Ltd, University of Bristol (UK), Shasta.com Internet, MailRoute, Inc., Cumberland Technologies Inc., mailbag.com, NetServices Plc, Hancock Telecom, Atlantech Online, Inc., Omnis Network, LLC, University of Colorado at Boulder, Eolas, Ruprecht-Karls-Universit�t Heidelberg, University of North Carolina at Wilmington, Reed College, Michigan Integrated Solutions, Alaska Communications Systems, Inc., Martek.Net, ImproWare AG (Switzerland), Conpoint.com, Perkins + Will, Inc., Metamark Shorten� Service, SnipURL, B2B2C.ca High Speed Internet, Univerity of Klagenfurt, University of Missouri - Rolla, Yale University School of Medicine, OnlyInternet.Net, Internet Xpress (Colville, WA), GO Concepts Inc., Harbour Communication, KC Online, Utility Line Italia, MWeb (South Africa), PE.net, Voicenet.com, SoftHome.net, adfinis, free.de, Research Machines plc, Ironic Design, Inc., LogIn & Solutions AG, Mycom Group, Inc., Borden Ladner Gervais LLP, Birch Telecom Inc., ena.com, CanadaEmails.com - MPRM Group Limited, SaskNow Technologies, American Home Mortgage, Blacknight Internet Solutions Ltd, Widexs / Ionip, MORPACE International, Inc., RTC Ltd. / MOBIKOM, Plushosting B.V., Peregrine Computer Consultants Corporation, localaccess.com, InterActive Systems Designs (Pty) Ltd, Sentex Communications, BMC Software, Delmarva Online, Inc., FrogNet, Inc., Zoznam s.r.o., University of Ghent (Belgium), AxisInternet, Inc., iSupportISP LLC, San Mateo Regional Network, Inc., cetlink internetworks, Oklahoma Christian University, Cyberindo Aditama, Memorial University of Newfoundland, Grande Communications, Inc., Host -it LTD, Eze Castle Integration, Inc., Lynx Informatica, Metacraft Internet Services, ChiliTech Internet Solutions, Terra Networks (Spain), Hush Communications, CWNET - Communications world network, Riverside Internet, Argentina.Com, Best Software, Ecole des Mines de Paris, Clemson University, Spin srl, LawBase Technologies

<< FAQ Previous Section, Next Section Contact >>

links.html version 2.69 on 3/25/08