Jeff Chan said: > There are a number of reasons for not doing a whitelist RBL: > > 1. Excessive queries: Whitehat domains come up a lot > in messages.
I was thinking along the lines of something that SpamAssassin downloads once a month, or queries to find out if there is an update available and only downloads if there is. Since the idea is to limit DNS queries, of course it would not be implemented as a DNS-based whitelist that is checked for every URI. It could be stored on a DNS if you could trust people not to misuse it, but it must be designed for infrequent downloads in bulk, with queries of URIs done to a local database. > 2. Potential misuse: Inadvertently blacklisting whitehats, > i.e. user error. If it is separate enough from the blacklist, i.e., it is queried and used in a totally different way than a DNS query of each URI domain, then I don't see much potential for misuse. You simply have a list of the top n non-spam domains that can be downloaded in bulk and document how to do it and that it is to be used to reduce the number of DNS queries. > 3. Possibility of negative scoring: Some application would > probably try to negative score them SpamAssassin would not do it. You would not encourage that. Your documentation would make it clear that it is a list of domains not to bother DNS querying that do not indicate either spam or ham when they appear in an email. Even if some misguided programmer missed all that, I don't see how it would be in a mainstream popular antispam program with enough use to effect spammers' behavior. Sidney Markowitz http://sidney.com
