For so far I know it isn't possible to have a TTL that is to low (if I may
believe the RFC files). It is also impossible to have to many A-records.
With both facts in mind I would suggest that you find an other method off
detecting SPAM.
With kind regards, Met vriendelijke groet,
Mark Scholten
Stream Service
Web: http://www.streamservice.nl/
E-mail: [EMAIL PROTECTED]
NOC: http://www.mynoc.eu/
NOC e-mail: [EMAIL PROTECTED]
Tel.: +31 (0)642 40 86 02
Fax: +31 (0)20 20 101 57
KVK: 08141074
BTW: NL104278274B01
----- Original Message -----
From: "clsgis" <[EMAIL PROTECTED]>
To: <users@spamassassin.apache.org>
Sent: Friday, August 10, 2007 4:34 PM
Subject: Detecting short-TTL domains?
We're seeing URIs in spam whose domains have between
a dozen and three dozen Address records, with time-to-live TTLs less than
ten minutes.
Is there a test for too many Address records? What's its name?
Is there a test for too-short TTLs?
--
View this message in context:
http://www.nabble.com/Detecting-short-TTL-domains--tf4249063.html#a12092425
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
