To be extra clear, the kind of sender's list I was talking about wouldn't be the same as a yellowlist because it would ALL types of IPs (black, white, yellow). Except everyone... including spammers... would have to jump through some hoops to get a single IP that list. But this /then/ VASTLY lowers the number of possible IPs that could be subsequently be whitelisted, blacklisted, or yellowlisted.
Depends what your goals are. As soon as you add even the smallest bit of qualification, you have all of the pain of any sort of policy based list, people complaining that they're listed, complaining that they're not listed, lying to you about whether they qualify, and it's not worth the effort. An MTA sees a connecting client as white (accept everything), black (reject everything) or color-to-be-named-later (accept but filter.) As soon as you think a host is not pure spam, you're done, since you'll filter it anyway.
And even though you mentioned that FCrDNS wouldn't work as a spam filtering defense...
No, no, rDNS won't work at all, for anything. It has the same problem as naive DNSBLs, blows out the cache when bad guys use lots of addressess. You don't even dare do the lookups.
Regards, John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY "I dropped the toothpaste", said Tom, crestfallenly.
