Kai Schaetzl wrote:
Jo Rhett wrote on Sat, 11 Aug 2007 09:28:05 -0700:
Yes, but this also means that it takes longer to fix false positive
problems. How would one clear this out if the original problem was
fixed and you wanted to receive the mail?
By using some whitelist for legit low-ttl domains.
It would all be easier if there was just an open-content version of the
various sender reputation databases (like various anti-spam appliances
use). You could have things like "low TTL, and how long it has been
low", etc., all factor in to a given IP address's reputation. Which
would be MUCH more useful than the traditional binary RBL type blacklist
(reputation systems usually give a range, such as Ironport's -10 (very
bad) to +10 (very good), and you pick where in that range you want to
block messages).