OK, making more sense now... So let's say when I'm setting up my email account in Outlook, I accidentally enter my 'from' email address as [EMAIL PROTECTED] , then the fake domain matcher is going to flag my emails this since that domain as I typed it is not a valid domain?
That's fine if that's the case. But given how error-prone people are in setting up their email accounts in Outlook, etc., and the possibility that at random times, a DNS server will timeout on a request for perfectly valid domain, this would appear to me to be a very risky matcher to use in production. Opinions? Thanks for the good info. Jerry -----Original Message----- From: Serge Knystautas [mailto:[EMAIL PROTECTED] Sent: Friday, June 30, 2006 10:29 AM To: James Users List Subject: Re: False Positives on "SenderInFakeDomain"? On 6/30/06, JWM <[EMAIL PROTECTED]> wrote: > Also, the DNS explanation makes sense. But where do all these ip addresses > that were in the original config.xml file fit into the picture? Where did > these come from? Were they simply a snapshot in time of some known bad ip's > that could easily become good a few years later? Ah, very good question! What happened for a bit there was Verisign and other naughty DNS servers.... instead of responding that a fake domain was invalid, it would say, "oh that [fake] domain will point to our advertising server. The idea was that when my grandmother mistyped a website address, they would get to see Verisign ads instead of a helpful message saying that they typed something wrong. That list of IP addresses are those [ad] servers that the bad DNS servers would alternatively respond for fake domains. -- Serge Knystautas Lokitech >> software . strategy . design >> http://www.lokitech.com p. 301.656.5501 e. [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
