Re: [SURBL-Discuss] RFC: consensus list?

[Jeff Chan <je...@surbl.org>]

On Friday, November 12, 2004, 7:07:29 AM, Frank Ellermann wrote:
> See Ryan's answer, it's easy to do interesting stuff
> with the multi bits, multi was a good idea.  If you
> want to simplify it set bit 1 if 3 or more other bits
> are set, examples:

127.0.0.6   =>> 127.0.0.6   (2 or less bits unchanged)
127.0.0.100 =>> 127.0.0.101 (64+32+4 => 64+32+4+1)
127.0.0.14  =>> 127.0.0.15  (8+4+2 => 8+4+2+1)

LOL!  I didn't think of that!  If you take multi and feed it into
urirhsbl or the non-bitmasked version of SpamCopURI and use
numerical values like: 

  127.0.0.100

Then you can find URIs that appear on JP, AB and WS, etc.

  http://www.surbl.org/lists.html#multi

2 = comes from sc.surbl.org
4 = comes from ws.surbl.org
8 = comes from phishing data source (labelled as [ph] in multi)
16 = comes from ob.surbl.org
32 = comes from ab.surbl.org
64 = comes from jp data source (labelled as [jp] in multi)

So simple "and" combinations like this can already be done and
tested without explicitly creating new, combined lists.

SC + AB + WS + OB + JP would be 127.0.0.118
SC + WS + OB + JP      would be 127.0.0.86
SC + OB + JP           would be 127.0.0.82

etc.  Would someone care to run some of these combinations
through their corpus tests?

Jeff C.
--
"If it appears in hams, then don't list it."