We are specifically targeted Marc. We have 130 domains on the shelf via
UDRP disputes right now and 30 more in progress.
What I am trying to accomplish with this issue at hand is to score up
and quarantine all domains newer than 380 days. I am fully aware that
there will be some legit email quarantined and I am fine with that,
those can be vetted and released.
What I am targeting will not be on an abusive domains on any RBL
anywhere as they buy these domains for the sole purpose of targeting our
company and our clients. They only have to succeed once where I have to
succeed every time to keep them from stealing large sums.
I may need to look at this differently, more like checking against a DNS
based list of domains over a year old for example and giving those a
negative score if necessary.
------ Original Message ------
From "Marc" <m...@f1-outsourcing.eu>
To "Tracy Greggs" <postmas...@insuredaircraft.com>;
"users@spamassassin.apache.org" <users@spamassassin.apache.org>
Date 5/10/2023 3:50:06 PM
Subject RE: Re[4]: rule based on domain age
Yes some already block/timeout with the 2nd lookup. But there is a flip side.
There are dns blacklists that have domainnames that are currently being abused.
I hadn't considered being blocked by the TLD's from doing the lookups.
Good point. We probably do about 2K per day so not sure that is enough
to be blocked but it certainly could be.
>
>>
>> Why would it have to have to be specific per TLD? Why I have in
mind is
>> looking at the creation date of the sending domain and scoring it up
if
>> it is newer than 12 months, no matter what the TLD is.
>
>I totally get it. I was thinking of incorporating this in a service for
a European project. And even going further, querying owner information.
>
>> Am I missing something?
>
>Because this information is only available at tld's and just querying
the whois endlessly will be blocked. Every tld registry has their own
operating rules.
