Jim Maul wrote: > > Stream Service || Mark Scholten wrote: >> For so far I know it isn't possible to have a TTL that is to low (if I >> may believe the RFC files). It is also impossible to have [too] many >> A-records. With both facts in mind I would suggest that you find an >> other method off detecting SPAM. >> > > Most SA rules look for spam signs, not RFC violations. Now whether or > not these are good spam signs I do not know... > > -Jim > >
It seems to me there are two legitimate reasons for short TTL. You're running a "hobby" server on consumer broadband, and using something like DynDNS.org for its name service. You're planning on moving soon. In both of those cases, it would be pretty strange to have more than two or three A records. So one or the other of short-TTL and many-As is legit, but together they're good enough spam-sign that a lot of folks might use the rule. I sure would. Cameron -- View this message in context: http://www.nabble.com/Detecting-short-TTL-domains--tf4249063.html#a12095972 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
