Quoting Keith Ivey <[EMAIL PROTECTED]>:
List Mail User wrote:
Legitimate domains will use wildcards for 'NS', 'MX' and even
occasionally for some more obscure records, but an 'A' or 'CNAME'
record is nearly always a spammer.
Do you have any statistics for that? I administer plenty of domains
that have wildcard A records, and I'm not a spammer. And are
metafilter.com, dailykos.com, and livejournal.com all spammers now?
-- Keith C. Ivey <[EMAIL PROTECTED]>
Washington, DC
Add tinyurl.com and pastebin.com to that list.
Perhaps - instead of considering a hostname that has wildcards as being spam,
would it be possible to resolve each hostname piecemeal, starting with "b.a"
and then if there is a third portion, "c.b.a", and so on. When a host
resolves
to an IP that exists in an RBL, then its spam. If we hit a wildcard, then
stop, so if "*.b.a" exists, then look up the IP for that record in the
RBL, but
go no further.
This should be enough to protect privacy since encoded URLs in the host
portion
of a domain won't be looked up, but we'll still get the IP to check.
-- Evan
