On Monday, May 23, 2005, 4:59:14 PM, Justin Mason wrote: > We did actually have an "A of domain name" test during 3.0.0 development, > I think, but dropped it for various reasons:
> - - if a spammer were to use a hostname like > "jm_at_jmason_dot_org.spamdomain.com", they get a free backchannel to > verify that I was (a) using SpamAssassin to filter to my mail, and (b) > that that address is valid. So blindly resolving the full hostname was > judged as unsafe. However, replacing hostname portions with another > token is not useful: assuming that "jm_at_jmason_dot_org.spamdomain.com" > will have the same A as "spamdomain.com" or "www.spamdomain.com" is > naive and easily evaded. Yes, this is a reason we list mostly domain names in SURBLs also. Please see: http://www.surbl.org/faq.html#numbered "Are there plans to offer an RBL list with the domain names resolved into IP addresses?" Jeff C. -- Jeff Chan mailto:[EMAIL PROTECTED] http://www.surbl.org/
