william(at)elan.net wrote:
>> There's a lot more information available about domain names
>> than about IP addresses,
> I disagree.
"Age of domain" has its uses if you can get it. RFCI listings
are also interesting.
> In the end the most reliable way to detect and filter these
> domains is actually based on ip address of the the server
> hosting the website for the advertised and used domain
You can also use SURBL at the moment.
> I'm not at all certain that doing reputation on per-domain
> basis will be easy (in fact I think it would be more
> difficult then on per-ip).
Depends, the white / grey hats will have stable domains. The
bad guys use throw away domains. Maybe SURBL forces them to
use redirections (that's of course irrelevant for DKIM).
> claiming that this will allow us to stop spam (either
> directly or indirectly putting all hope on
> accreditation/reputation) are incorrect.
ACK, but nobody did that, a "threat analysis" for a FUSSP
would be rather simple :-)
Bye, Frank
_______________________________________________
ietf-dkim mailing list
http://dkim.org
