example.com/net/org DNS records

Brian Bruns bruns at 2mbit.com
Mon Jan 5 21:09:44 UTC 2004


On Sunday, January 04, 2004 4:43 PM [GMT-5=EST], Roger Marquis
<marquis at roble.com> wrote:

>>  If UCE happens to contain a forged sender
>> of roble.com, would you consider that even remotely useful in a filter?
>
> Yes.  Roble manages several email gateways for companies other than
> ourselves and we've found that rejecting invalid domains and senders
> is an indispensable component of spam filtering.  Not only is it
> effective it is also 100% false-positive proof (so far).

But, it has to be done carefully.  Our RHSBL (part of the AHBL) is based on
this idea - but, we are extremely careful in what we block exactly.  A single
wrong block (aol.com for example) could have really bad side effects for
anyone using the list.  As such, the best way to use a domain style block is
to try and only use it on the mainsleaze spammers for example, that spam from
their (many) domains they own.

We had to do this with topica's spammy domains in order to allow our users to
keep getting messages from mailing lists hosted off of topica's main domain.

Each type of blacklisting has to be carefully thought out, and implemented
correctly.  A combination of a DNSbl, a RHSbl, a whitelist, and something
similar to spamassassin gives you the flexibility to block a lot of spam
without needing to block everything outright.


-- 
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org

The AHBL - http://www.ahbl.org
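
The layered filtering described in the message above, as an added example that is not part of the original post and is not AHBL code. The zone names, listings, whitelist entry, point values and decision order are all assumptions made for illustration, and a set of constructed names stands in for real DNS lookups.

```python
import ipaddress

# Constructed zone contents standing in for DNS answers (not real listings).
LISTED = {
    "2.2.0.192.dnsbl.example",            # client IP 192.0.2.2
    "bulk-offers.example.rhsbl.example",  # one spammer-owned sender domain
}
WHITELIST = {"lists.example"}  # sender domains that must never be blocked

def dnsbl_name(ip, zone="dnsbl.example"):
    """IPv4 DNSBL query name: octets reversed, then the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def rhsbl_name(domain, zone="rhsbl.example"):
    """RHSBL query name: the sender's domain, then the list's zone."""
    return domain.lower().rstrip(".") + "." + zone

def sender_domain(mail_from):
    """Right-hand side of the envelope sender address."""
    return mail_from.rsplit("@", 1)[-1].lower().rstrip(".")

def classify(client_ip, mail_from, content_score,
             listed=LISTED.__contains__, dnsbl_points=3.0, threshold=5.0):
    """Return (verdict, reason) for one message.

    Assumed policy: the whitelist wins outright, an exact RHSBL match
    rejects, and a DNSBL hit only adds points to the content score
    (the role a SpamAssassin-style scorer plays).
    """
    domain = sender_domain(mail_from)
    if domain in WHITELIST:
        return ("accept", "whitelisted sender domain")
    # Exact-name lookup: listing one domain does not touch its siblings
    # or subdomains, which keeps a domain block narrow.
    if listed(rhsbl_name(domain)):
        return ("reject", "sender domain on RHSBL")
    score = content_score
    if listed(dnsbl_name(client_ip)):
        score += dnsbl_points
    verdict = "reject" if score >= threshold else "accept"
    return (verdict, "score %.1f" % score)
```

To query live lists, pass a `listed` callable that resolves the name and returns True when an A record comes back.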




More information about the NANOG mailing list