On Wed, Oct 19, 2016, at 13:27, Vick Khera wrote: > 1) Is the remote IP listed in CBL? Yes -> force CAPTCHA > 2) Is the remote IP listed in CleanTalk.org/blacklists? Yes -> force > CAPTCHA > 3) Is the remote IP listed in minFraud open proxies? Yes -> force CAPTCHA > > Then proceed with the normal signup form, which in our case is always > COI for all customers. I do the tests in the above order, and short > circuit once I have a positive match. Each of the three services > catches about ⅓ of the bad actors, amazingly enough. I do the queries > in the order of cost to me, so as to minimize how much I have to > spend. :-) I also cache the results.
A random thought, would it also be worth evaluating IPs that are not listed on a DUL as potential candidates? I realize DULs contain server space and other stuff that doesn't send mail, but it seems to me that most legitimate subscribers should be in DULs. _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
