> -----Messaggio originale----- > Da: Jonas Eckerman [mailto:[EMAIL PROTECTED] > Inviato: giovedì 27 settembre 2007 18.17 > A: users@spamassassin.apache.org > Oggetto: New domains (was: URIWhois plugin) > > (The idea below is not mine, someone else (I'm sorry, but I > forgot who) wrote about it here (I think) before.) > > Giampaolo Tomassoni wrote: > > > brand-new domains, > > Something that could work for this without the problems inherent > in using whois or registry databases is to simply check how long > ago a domain was first seen beeing used for sending mail or in > URIs in mail. (People might allready be doing this locally, but > doing it centralized could work better.) > > A specialized DNS server could be done for this. It'd work > something like this: > > 1: It receives a query. > > 2: It checks in it's database. > > 3.a, found in database: > * Return result indicating how long ago domain was added. > > 3.b: not found: > * Adds the domain to the database. > * Return result indicating new domain.
This is really a good idea. The only problem is that a spammer could "query" it days before it will bulk send, thereby impairing the effectiveness of such approach. I think we need some "official" data like the domain's creation time: at least, spammers will be mandated to buy domains a couple of month before using them... Giampaolo > > (It might be a good idea to also save last queried time for each > domain (meaning 2.a will need to update the database) in order to > be able to clean out domains that hasn't been seen for a long time.) > > In order to be effective, such a DNS list must be used by a lot > of different systems spread all over the world and used by > different type of organizations. > > It will also take time time until it can be used in an effective > manner, so enough people would have to be using it for some time > with very low scores just to seed it. > > I could probably throw together a proof-of-concept DNS thingy in > perl for this, but I don't have the hardware to host it for > production use, nor the time to do it properly (perl would > probably not be the best language to do it in). > > The best way might be to actually implement this in an existing > DNS-list server, so it could be seeded thorugh queries fopr that > list. > > If, just as an example, SURBL did this, the list would be seeded > by all systems allready using SURBL lists, and the results could > be included in multi.surbl.org. > > (Please not, I have no idea if implementing this in SURBLs DNS > system is feasible in any way (wr to software, hardware, lunch > breaks, or whatever), it was just an example.) > > Regards > /Jonas > -- > Jonas Eckerman, FSDB & Fruktträdet > http://whatever.frukt.org/ > http://www.fsdb.org/ > http://www.frukt.org/
