On Sun, 14 Jan 2007, Tony Finch wrote:
I would expect the lists of compromised hosts to be fairly effective -
open proxies of various kinds and perhaps botnet hosts. As for SMTP the
blacklists would only be a starting point that either provide a cheap
preliminary check or feed a more sophisticated filtering system.
If you allow anonymous, unauthenticated access to any system it will
be abused. Auctions, blogs, chat, mail, phone, etc. IP addresses
have never been good authenticators for applications. Sending
confirmation E-mail addresses aren't that much better. And blacklists
will just continue to grow longer.
How do you know your user?
