Cisco CloudCenter: Get the Hybrid IT Advantage


Definition - What does SURBL mean?

SURBL is a spam detection method. More precisely, SURBL is real-time block list of URIs found in unsolicited email messages. SURBLs are different from most real-time block lists (RBLs) because they do list the actual senders of spam, but rather list the websites advertised in a spam message.

SURBL is short for Spam Uniform Resource Identifier (URI) Real-time Block List, though the full term is clearly and the acronym

Techopedia explains SURBL

A computer sending spam often isn't the spammer. While spammers can attempt to hide themselves by changing IP addresses frequently, another solution is to compromise machines owned by 3rd parties to bounce spam off of. If a spammer can put together a network of PCs under his control (a botnet), it is extremely difficult to block based on IP because the messages are coming from hundreds (or even thousands) of unique locations.

Given this, the thinking behind SURBL is to go straight to the economic source that makes the spam lucrative. All spam, whether malicious or not, is trying to direct users to a particular site. Because these change less frequently, it adds another layer of protection in filtering out spam. To use a SURBL a spam application needs to parse out URIs from email messages, compare against the list, and then take appropriate action based on pre-set business logic.

Share this: