On 02/27/2019 03:25 PM, Ralph Seichter wrote:
We use some of our domains specifically for email, with no associated website.

I agree that /requiring/ a website at one of the parent domains (stopping before traversing into the Public Suffix List) is problematic and prone to false positives.

There /may/ be some value to /some/ people in doing such a check and altering the spam score. (See below.)

Besides, I think the overhead to establish an HTTPS connection for every incoming email would be prohibitive.

Why would you do it per email? I would think that you would do the test and cache the results for some amount of time.

There is a reason most whitelist/blacklist services use "cheap" DNS queries instead.

I wonder if there is a way to hack DNS into doing this for us. I.e. a custom DNS server (BIND's DLZ comes to mind) that can perform the test(s) and fabricate an answer that could then be cached. Publish these answers in a new zone / domain name, and treat it like another RBL.

Meaning a query goes to the new RBL server, which does the necessary $MAGIC to return an answer (possibly NXDOMAIN if there is a site and 127.0.0.1 if there is no site) which can be cached by standard local / recursive DNS servers.



--
Grant. . . .
unix || die
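
The lookup logic discussed in the message above, sketched as an added example that is not part of the original thread or of any existing RBL software. The zone name `nosite.rbl.example`, the three-entry stand-in for the Public Suffix List, and the injected `probe` callable (which a real deployment would back with an HTTP(S) check) are assumptions.

```python
import time

# Assumption: tiny stand-in for the Public Suffix List; load the real list in practice.
PUBLIC_SUFFIXES = {"com", "org", "co.uk"}
ZONE = "nosite.rbl.example"  # hypothetical zone the answers are published under


def candidate_domains(domain):
    """Yield the domain and each parent, stopping before a public suffix."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        name = ".".join(labels[i:])
        if name in PUBLIC_SUFFIXES:
            break
        yield name


class NoSiteList:
    """Answers RBL-style queries: NXDOMAIN if a site exists, 127.0.0.1 if not."""

    def __init__(self, probe, ttl=3600, clock=time.monotonic):
        self.probe = probe    # callable(name) -> True if a website answers there
        self.ttl = ttl        # seconds a result is reused before re-probing
        self.clock = clock
        self.cache = {}       # domain -> (expires_at, answer)

    def lookup(self, qname):
        """Answer a query such as 'mail.example.com.nosite.rbl.example'."""
        qname = qname.lower().rstrip(".")
        suffix = "." + ZONE
        if not qname.endswith(suffix):
            return "REFUSED"  # not a name in our zone
        domain = qname[: -len(suffix)]
        now = self.clock()
        hit = self.cache.get(domain)
        if hit and hit[0] > now:
            return hit[1]     # served from cache: no probe per email
        has_site = any(self.probe(n) for n in candidate_domains(domain))
        answer = "NXDOMAIN" if has_site else "127.0.0.1"
        self.cache[domain] = (now + self.ttl, answer)
        return answer
```

The server-side cache limits how often a domain is probed; the TTL on the published DNS answer is what lets local and recursive resolvers cache it in turn.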
