> > Spam from .cn domains can be mitigated with the right rules and querying
> > multiple lists. I know my users never see .cn domains in their inbox
> > and if I didn't run a blacklist I wouldn't either.
Indeed, spam with .cn URIs really doesn't appear to be a problem at all.
They are well covered by the existing URI DNSBLs -- which are doing an
awesome job, btw -- and the rest of the SA rules.
There is no value in additional rules that catch anyway high scoring
spam. It's the low scorers that need our attention.
> Instead of blacklisting new domains (which is apparently difficult to
> do), why not blacklist all .cn domains (or simply all domains) newer
> than xxx days?
It has been pointed out before, but it still is kind of funny, how this
thread re-invents existing techniques and re-iterates the very same,
often discussed problems. And keeps doing so. I haven't seen anything
new so far.
The design of a BL is pretty off-topic here anyway, even more so on the
users list.
guenther
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
