What is SURBL?
SURBL is a spam detection method. More specifically, SURBL is a real-time block list of URIs found in unsolicited email messages. SURBLs are different from most real-time block lists (RBLs) in that they list the actual senders of spam, but list the websites advertised in a spam message.
SURBL is short for Spam Uniform Resource Identifier (URI) Real-Time Blocking List, although the full name is unique and the acronym is
A computer that sends spam frequently is not the spammer. While spammers can try to hide themselves by changing IP addresses frequently, another solution is to compromise third-party computers to block spam.
If a spammer can assemble a network of PCs under their control (a botnet) it is extremely difficult to block based on IP as the messages come from hundreds (or even thousands) of unique locations.
With that in mind, SURBL's goal is to go straight to the economic source that makes the spam lucrative. All spam, malicious or not, attempts to direct users to a specific website. Because these change less frequently, an additional layer of protection is added when filtering spam.
In order to use a SURBL, a spam application must analyze URIs from email messages, compare them to the list, and then take appropriate action based on the given business logic.