I've done a simple implementation of this by modifying _functions_antispam.php. In the antispam_url() function, right before the 'return false;', I added:

$url_parts = parse_url($url);
if (checkdnsrr("$url_parts[host].multi.surbl.org", 'A')) {
        return "SURBL";
}

I haven't had a chance to read all the docs on this. Is this all you need to do to implement it? How effective is it? Is there anyway to check the urls that are being filtered? (to check if it's filtering sites that I want to keep or not)

If it works, it could be rather useful.

Actually, I forgot that SURBL will only list the domains. So if domain.com is in SURBL, the above wouldn't detect www.domain.com. I made some changes to fix this as well as require that domains have MX records:

$parts = parse_url($url);
$host = $parts['host'];

# Find MX record to use for SURBL
$pieces = explode('.', $host);
$mx_found = 0;

for ($i = 2; $i <= count($pieces); $i++) {
        $possible_domain = implode('.', array_slice($pieces, -$i));
        if (!checkdnsrr($possible_domain, 'MX')) {
                continue;
        } else {
                $mx_found++;
                break;
        }
}

# Reject domains without MX
if (!$mx_found) {
        return "NOMX";
}

# Check SURBL
if (checkdnsrr("$possible_domain.multi.surbl.org", 'A')) {
        return "SURBL";
}

I think this should do it.

As far as the effectiveness of SURBL, it works fantastic for email. I've yet to determine how well it will for for blog spam, but it's likely that a blog spammer will be spamming with his/her domain via email as well.

SURBL lookups can be done [url=http://www.rulesemporium.com/cgi-bin/uribl.cgi]here[/url]. Perhaps a whitelist could be implemented if SURBL is used.