> From: Gary Mills <[EMAIL PROTECTED]> > SPAM reputation is critical in this game. In most cases, I can't even > guess which domains have a good reputation and which don't. I > certainly can't investigate all of them. I've only found one bank so > far that uses DKIM signatures. A reputation database is the missing > ingredient. In terms of procedure, I'd need to begin with the > Authentication-Results log lines or headers, determine the owner of > the domain, and then look up the reputation of the owner. Is any sort > of reputation database available now? Soon?
Instead of only whitelisting by DKIM success, why not also blacklist by DKIM failure or IP address reputation? There are now many IP address reputation schemes in addition to classic DNSBLs. Some are Commtouch's, Ciphertrust's, and DCC Reputations. Commtouch's can be queried as if it were a DNSBL. DCC Reputations are built into the commercial DCC code. A lot of phishing can be blocked by using Spamhaus' ZEN DNSBL, which includes Spamhaus' PBL. I think DCC Reputations and Spamhaus' ZEN are cheapest of those Spamhaus's ZEN has very few false positives and generally can be used without local whitelists. Umanitoba.ca's traffic is non-commercial and might be low enough to qualify for free access to Spamhaus' ZEN. See http://www.spamhaus.org/organization/dnsblusage.html Vernon Schryver [EMAIL PROTECTED] _______________________________________________ DCC mailing list [email protected] http://www.rhyolite.com/mailman/listinfo/dcc
