spamassassin-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Chan <je...@surbl.org>
Subject Re: registrar boundary inconsistencies
Date Fri, 06 May 2005 07:45:48 GMT
On Thursday, May 5, 2005, 11:41:11 AM, Justin Mason wrote:

> John Gardiner Myers writes:
>> Daniel Quinlan wrote:
>> 
>> > We can't just add them willy-nilly.
>> 
>> Why not?  Treat them like .us -- do two queries.

> we don't currently do that.  but that may be a good option, actually!
> allow url_to_domain to return >1 datum, and query all of them.

> In the case of .us, and these private registrars, return 2
> domains, "foo.eu.org" and "eu.org", or "foo.state.us" and
> "bar.foo.state.us".

> - --j.

That's one approach that could work: check at both 2 and 3
levels.  Likely we would never list the registrars, but their
spamming customer subdomains would get listed and caught.  So one
of the two should match.  Of course the problem is that generates
two DNS queries where one would be ideal.

We currently have a (partial) list of entities that register
subdomains, with two-level-tlds list, but does not include all
private registries.

  http://spamcheck.freeapp.net/two-level-tlds

If it would help, we could expand it to include private
registries that register subdomains, in addition to cctld second
level domains.  SURBL-using applications would still need to
include that list and know to process on the next level (the
subdomain) as outlined at:

  http://www.surbl.org/implementation.html

That list does currently have some non-country code domains like:

eu.org
au.com
br.com
cn.com
de.com
de.net
eu.com
[...]

Is SpamAssassin using that list?  If so, it it nearly
sufficient to make this judgement about what level to check on?
Can we improve it just by adding more private registries?

Jeff C.
--
Don't harm innocent bystanders.


Mime
View raw message