I modified it so it checks the root domain and all subdomains up to the
email domain.
As for your question - if afraid.org has a website then you are correct,
all subdomains of afraid.org will not flag this rule, but if lots of
afraid.org subdomains are sending spam then I imagine other spam
detection methods will have a good chance of catching it.
I'm not sure what you mean by "working up the tree" - if afraid.org has
a website and I work my way up the tree then either way eventually I'll
hit afraid.org and get a valid website, no?
My current implementation fires off concurrent HTTP requests to the root
domain and all subdomains up to the email domain and waits for a valid
answer from any of them.
On 2/28/2019 10:27 PM, Grant Taylor wrote:
What about domains that have many client subdomains?
afraid.org (et al) come to mind.
You might end up allowing email from spammer.afraid.org who doesn't
have a website because the parent afraid.org does have a website.
I would think that checking from the child and working up the tree
would be more accurate, even if it may take longer.
