http://bugzilla.spamassassin.org/show_bug.cgi?id=1375
------- Additional Comments From [EMAIL PROTECTED] 2004-01-20 16:04 ------- Subject: Re: do RBL look-ups on URLs -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >One thing to keep in mind when deciding the implementation is spammers >that randomize the first DNS component in the URI, e.g. atriks (again): >http://wwhxwxqwqwudxnwcqnrnkwdqcmcmd0627.openbsdmailservers.com/ >A system that works with whole URIs wouldn't work here. One that tries >to figure out the actual user-registerable domain would perhaps work, >but that requires knowledge of how TLDs work, lest one suddenly blacklist >e.g. ".co.uk" or ".com.tw" or ".com.au" or ".tm.se" or "lastname.name", >etc etc.. That's not a big problem; we already have code in 2.70 that understands which CCTLDs use subdelegation (ie. those). >A system that simply resolves the name and checks the resulting IP address >against IP-based RBLs would be fool proof. Although perhaps resolving a name like the openbsdmailservers.com one above might confirm an email address, if the name contained the address in encoded form. But still, I think it may be worthwhile (if optional, maybe). Perhaps it could include heuristics to detect encoded-address hostname parts, and replace those with its own random hostname part text? BTW another point -- regarding spammers overloading the system by sending 200 URIs in a single message. IMO the best approach to deal with that problem is to select 5 URIs to analyze from the message, with preference given to the largest IMG tags first. - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Exmh CVS iD8DBQFADcIHQTcbUG5Y7woRAhnKAJ4stUvBraaI0P4rc67zhholhAYimgCg4PIr afFaCi8MDFHvCsiwBbU/V2M= =aNY3 -----END PGP SIGNATURE----- ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
