📑 Table of Contents

SURBL (stands for Spam URI Realtime Block List) is a collection of URI DNSBL lists of Uniform Resource Identifier (URI) hosts, typically web site domains, that appear in unsolicited messages or other data. SURBL can be used to check data against known misused email addresses, phone numbers, uri shortners and coin hashes via the HASHBL sets. SURBL can be used to search incoming e-mail message bodies for spam payload links to help evaluate whether the messages are unsolicited. For example, if http://www.example.com is listed, then e-mail messages with a message body containing this URI may be classified as unsolicited. URI DNSBLs differ from prior DNSBLs, which commonly list mail sending IP addresses. SURBL is a specific instance of the general URI DNSBL list type.

Lists

edit

ABUSE, PH, MW, CR, CT, DM are gathered into multi.surbl.org.

HASHBL supports the following categories:

  • ABUSE
  • CRACKED
  • MALWARE
  • PHISH
  • EMAIL
  • CRYPTO
  • PHONE

Usage

edit

A DNS query of a domain or IP address taken from a URI can be sent in the form of spamdomain.example.multi.surbl.org or 4.3.2.1.multi.surbl.org. The multi DNS zone return records contain codes that indicate which list contains the queried for domain or IP address. Many spam filters support use of SURBL. Small sites can use SURBL through public DNS queries, and an rsync data feed is available to professional users. SURBL data is also available in Response Policy Zone and CSV formats.

SURBL data is also available via API requests and HTTPS streaming feeds. In those cases the data will be sent over web connections instead using unsecured DNS for the transport.

History

edit

SURBL was created in 2004 to replace formatted text-based lists such as sa-blacklist that were previously used in SpamAssassin and distributed through web sites. The announcement of SURBL as a URI DNSBL was made April 8, 2004 to the SpamAssassin user community.[1] SURBL is the first major list of the URI DNSBL type, later followed by uribl.com,[2] IvmURI[3] and Spamhaus DBL.[4]

See also

edit
  • DNSBL, a spam prevention method in which e-mail messages are accepted or rejected depending on the IP address of the mail server from which the message is received.

References

edit
  1. ^ "Gmane -- Announcing SURBL support in SA 2.63 and 3.0 plugins". gmane.org.
  2. ^ "URIBL.COM - Realtime URI Blacklist". uribl.com.
  3. ^ "invaluement". invaluement.com. Archived from the original on 2012-05-05.
  4. ^ "DBL - The Spamhaus Project". spamhaus.org.
edit

📚 Artikel Terkait di Wikipedia

Domain Name System blocklist

popular is SURBL. After SURBL was created, some of the volunteers for SURBL started the second major URI DNSBL, URIBL. In 2008, another long-time SURBL volunteer

PhishTank

Benard, Mozilla, Kaspersky, Firetrust, Officer Blue, FINRA, Message Level, SURBL, Sanesecurity for ClamAV, Career Builder, Site Truth, Avira, C-SIRT,[citation

Apache SpamAssassin

Policy Framework and DomainKeys Identified Mail URI blacklists such as SURBL or URIBL which track spam websites More methods can be added reasonably

HMailServer

mechanisms: Host based DNS Blacklisting (DNSBL) URL based DNS blacklisting (SURBL) Greylisting (must retry sending for the message to succeed) SPF Built in

Comparison of mail servers

Mail Server DNSBL SURBL Spamtraps Greylisting SPF DKIM DMARC Tarpit Bayesian filters Regular expressions Embedded Antivirus Embedded Antispam agorum core

Blacklist (computing)

2015-08-11. Retrieved 2015-08-10. "Fabelsources – Blacklist". "Guidelines". www.surbl.org. Retrieved 2016-02-04. "B.I.S.S. Forums – FAQ – Questions about the

SpamCop

SpamCop Forums and newsgroups SCBL dispute resolution from the FAQ The SURBL is an RBL based on SpamCop data to block or tag spam based on URIs contained

Anti-spam techniques

looking them up in databases such as Spamhaus' Domain Block List (DBL), SURBL, and URIBL. Many spammers use poorly written software or are unable to comply