> > For au.com and att.net there are only adult subdomains in the blacklist.
This is ok.
>
> However SURBL's in general don't use subdomains, I've just run a test
> on my personal SURBL and SpamCopURI doesn't currently look at
> subdomains. I suspect because of the requirement for a lookup per
> domain level which would obviously both make things inefficient and
> also leave room for a denial of service.
Actually the reason is that spammers quite commonly set up their hosts so
that the base level or two are all that is valid, and anything above that is
ignored. This lets them put hundreds of different 50-character completely
random strings in as part of the "subdomain name", specifically to defeat
something that tried to match on complete domain names.
Loren
