http://issues.apache.org/SpamAssassin/show_bug.cgi?id=3549
------- Additional Comments From [EMAIL PROTECTED] 2005-11-17 04:11 ------- (In reply to comment #26) > (In reply to comment #25) > > another good reason not to do this, is to reduce the risk of transmitting > > identifying info to the spammer. e.g. > > "http://6a6d406a6d61736f6e2e6f7267.confirmedemailaddresses.spammer.biz/image.gif"; > > would confirm my email addr once it was looked up. > > How would that transmit identifying info to the spammer? Have the spammers > infiltrated the SURBL and/or URIBL DNS infrastructures? The point of wildcards as described is that it allows specific hosts like thishost.rm02.net to be blacklisted while not blacklisting thathost.rm02.net. One problem is that "thishost" may be keyed to a specific recipient. Therefore if thishost.rm02.net showed up on a blacklist it could confirm that recipient address foo got delivered and reported (or discovered). foo could then be listwashed or spammed further. Another problem that led to our design decision to ignore subdomains came from noticing that some spammers do generate many randomized or keyed subdomains/hosthames. So in addition to the inadvertent feedback loop cited above the blacklists would also be huge if the spammers generated say 10M keyed hostnames. At first glance a wildcard may seem to solve that, e.g., *.spammer.biz means all their subdomains/hostnames are blacklisted (all your subdomains are belong to us? ;-). But it still doesn't solve massivegibberish.tripod.com. In order to not list thathost.tripod.com, we would need to blacklist jhgkjhgkj.tripod.com, uoyiukjhkjhk.tripod.com, jkhgkjhgkjhkg.tripod.com, etc. That ain't gonna scale for mixed use subdomains like tripod. So we're back to our original two cases: whitehat domain and blackhat domain ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
![http://6a6d406a6d61736f6e2e6f7267.confirmedemailaddresses.spammer.biz/image.gif"](http://6a6d406a6d61736f6e2e6f7267.confirmedemailaddresses.spammer.biz/image.gif"){kind=link}