http://bugzilla.spamassassin.org/show_bug.cgi?id=1375
------- Additional Comments From [EMAIL PROTECTED] 2004-01-25 02:18 -------
I don't like the idea of having to run mass-checks manually and
extracting domain names to check from that -- mostly because most
people won't do it.
How about this:
- Extract registerable domain part using reportedly existing heuristics
(hostpart.spammer.co.uk -> spammer.co.uk)
- Lookup in local cache file (getting to that later) for
"spammer.co.uk". If there's a hit, we know the results. If not:
- Fire up full DNS lookups for the given hostpart.spammer.co.uk.
Get the IP. Check the IP in configured RBLs. Store the results
in the cache file as something like:
spammer.co.uk dnsbl.foo.org 127.0.0.1 127.0.0.2 127.0.0.3
spammer.co.uk dnsbl.bar.org 127.0.0.2
or: for no hit
spammer.co.uk
Now, when more spam arrives from the same spammer, we're likely
to have the results on file. Of course, we need to time out the
cache entries somehow; the timeout should probably be configured
on a per-RBL basis given the frequency of updates. SBL and SPEWS
are pretty static and can probably stay listed for several hours
(a full day?).
Of course, if some spammer starts registering in dyndns sites we
don't know of, we'll be damning all users of that dyndns site. :/
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
