From: "Justin Mason" <[EMAIL PROTECTED]>
> - - if a spammer were to use a hostname like
> "jm_at_jmason_dot_org.spamdomain.com", they get a free backchannel to
> verify that I was (a) using SpamAssassin to filter to my mail, and (b)
> that that address is valid. So blindly resolving the full hostname was
> judged as unsafe. However, replacing hostname portions with another
> token is not useful: assuming that "jm_at_jmason_dot_org.spamdomain.com"
> will have the same A as "spamdomain.com" or "www.spamdomain.com" is
> naive and easily evaded.
Seems many already do with base64 (or other) encoded gibberish in front
of the spamdomain.com.
{o.o}
