dig throwaway1.com NS dig throwaway2.com NS etc etc ... and then check_sender_ns_access in postfix, for example.
Scales much better than whackamoling one domain after the other on the same NS On Mon, Oct 4, 2010 at 4:59 PM, <valdis.kletni...@vt.edu> wrote: > > 140 million .coms. Throw-away domains. I do believe that Marcus Ranum had > "trying to enumerate badness" on his list of "Six stupidest security ideas". > This won't scale as long as you have more spammers adding new domains faster > than your NOC staff can add them to the blacklist. > > (And even centralized blacklists run by dedicated organizations haven't solved > the problem yet, so I'm not holding my breath waiting for that to work out...) -- Suresh Ramasubramanian (ops.li...@gmail.com)
