On 14/12/10 14:28, Marc Perkel wrote: > Are there any DNSBLs out there based on email addresses? Since you can't > use an @ in a DNS lookup
Actually, you can use '@' in a lookup. You just can't use it in a hostname. Or you could convert the '@' to a '.' as is the format still used in SOA records. But both of these would have privacy issues: say you've received an email via TLS, your anti-spam system suspects it might be a 419, so you look up a Reply-To address or body email address, and you send a query to the RBL via DNS. But it turns out the message was private ham, and you've lost the protection of TLS. So a hash is best, and I'd suggest SHA1 over MD5. And I do think the idea is worth trying; although freemail identities are cheap, there is still some time and effort and risk of detection involved in creating and checking them. CK
