The vast majority of soam I get these days is from spam virus infected machines on DSL lines in the USA (sorry but it true).
Why apologize for their crud???
I was considering adding features to smtpd and ratfs to allow regexes so I could add rules for DSL lines. Most ISPs seem to use a fixed format for the reverse IP addresses for their DSL accounts - though each ISP has its own unique format.
I really don't think this will work. The physical source of spam is way too mobile for anyone (or thing) to track. But the content is still amenable to being smacked by bayes-like tools. Although the bastards are getting better -- the last couple of months have seen a wee bit more crud get past the filters. But we still win overall.
Anyway ... simple ingress filtering doesn't work. Its better to concentrate on writing better algorithms that will smack this crud down while it still lives in the swamps.
--lyndon
