Jeff Chan writes: > On Friday, June 23, 2006, 5:31:04 AM, Michael Monnerie wrote: > > On Freitag, 23. Juni 2006 14:10 Jeff Chan wrote: > >> http://www.bobparsons.com/DomainKiting.html > > > Very interesting page, I wasn't aware of Domain Kiting yet. > > > A check for new domains would be good implemented in the MTA directly, > > so postfix could temporary reject delivery until the domain is at least > > 6 days old. OK, it would offend real people - but waiting 5 days for a > > new company shouldn't be too problematic, the annoiance will stop > > automatically. > > That's an interesting idea, but probably impractical because: > > 1. Getting domain ages from whois is difficult and very > non-uniform between registrars. > > 2. We probably don't want millions of MTAs doing billions of > whois queries per day or per hour. > > 3. It requires a program like SpamAssassin to deobfuscate and > exatract URIs to be checked. > > 4. A DNSBL is a reasonably good technology for distributing > these data.
yeah, I think the "day old bread" DNSBL idea [*] is the best way to implement this; whois servers are horrific to query on an automated basis. Good news. ([*]: it's not really a DNSBL btw. is it an RHSBL or a URIBL, really? or both?!) --j.
