On Mon, 04 Oct 2010 13:30:55 PDT, Owen DeLong said: > Removing a few points probably isn't a bad idea so long as you have a list of > domains for which points should be added.
140 million .coms. Throw-away domains. I do believe that Marcus Ranum had "trying to enumerate badness" on his list of "Six stupidest security ideas". This won't scale as long as you have more spammers adding new domains faster than your NOC staff can add them to the blacklist. (And even centralized blacklists run by dedicated organizations haven't solved the problem yet, so I'm not holding my breath waiting for that to work out...)