--On Thursday, September 27, 2007 7:05 PM +0200 Giampaolo Tomassoni
[EMAIL PROTECTED] wrote:
The only problem is that a spammer could query it days before it will
bulk send, thereby impairing the effectiveness of such approach.
I think we need some official data like the domain's creation
Quoting Kenneth Porter [EMAIL PROTECTED]:
--On Thursday, September 27, 2007 7:05 PM +0200 Giampaolo Tomassoni
[EMAIL PROTECTED] wrote:
The only problem is that a spammer could query it days before it will
bulk send, thereby impairing the effectiveness of such approach.
I think we need
(The idea below is not mine, someone else (I'm sorry, but I
forgot who) wrote about it here (I think) before.)
Giampaolo Tomassoni wrote:
brand-new domains,
Something that could work for this without the problems inherent
in using whois or registry databases is to simply check how long
-Messaggio originale-
Da: Jonas Eckerman [mailto:[EMAIL PROTECTED]
Inviato: giovedì 27 settembre 2007 18.17
A: users@spamassassin.apache.org
Oggetto: New domains (was: URIWhois plugin)
(The idea below is not mine, someone else (I'm sorry, but I
forgot who) wrote about it here (I
Quoting Jonas Eckerman [EMAIL PROTECTED]:
(The idea below is not mine, someone else (I'm sorry, but I
forgot who) wrote about it here (I think) before.)
Giampaolo Tomassoni wrote:
brand-new domains,
Something that could work for this without the problems inherent
in using whois or
2. As mentioned above the whois data is sometimes populated *after* the
domains
start appearing in spams. Remember that the whois data is still mostly batch
processed once or twice a day. Many of the TLD zone files (where the DNS
delegations actually come from) are updated in near real
Quoting Giampaolo Tomassoni [EMAIL PROTECTED]:
Dears,
well, I just did version 0.01 of the URIWhois plugin.
Its purpose is mainly to detect some spam containing URIs to sites in
brand-new domains, or having some conflict in whois and dns records, or
being driven by specific dns servers
Jeff Chan wrote:
In principle, this is a good concept; using domain whois data to spot bad
domains can be useful.
In practice, it's a really, really, really bad idea since the public whois
infrastructure is not designed for this kind of high volume use. If many
people did it, it would
-Messaggio originale-
Da: Jeff Chan [mailto:[EMAIL PROTECTED]
In principle, this is a good concept; using domain whois data to spot
bad
domains can be useful.
In practice, it's a really, really, really bad idea since the public
whois
infrastructure is not designed for this kind
Quoting Giampaolo Tomassoni [EMAIL PROTECTED]:
How do they handle these domains in a centralized way? Do they simply
relay a whois request for not-yet-seen domains? Because in this case they
have to tune their whois parsers a bit: dob.sibl.support-intelligence.net,
in example, reports both
Dears,
well, I just did version 0.01 of the URIWhois plugin.
Its purpose is mainly to detect some spam containing URIs to sites in
brand-new domains, or having some conflict in whois and dns records, or
being driven by specific dns servers.
So, it is meant to do something I believe someone else
11 matches
Mail list logo