I'm exploring a variety of ideas to determine the difference between
"serious" domains and throwaway domains used by spammers. The ideas
I'm presenting here are not complete but are just a conversation starter.

For example, if the sending domain has no MX records of its own it is
more likely spam than if there are 3 or more MX records that resolve to
multiple IPs over more than one network. Generally spam-only domains are
minimally configured, and highly configured domains are not spam-only. I
also think that NS records might indicate that a domain is serious or not.

I think the serious scale could be a useful factor in SA. It doesn't
determine if it's spam or ham in itself. Yahoo is a serious domain and
there's lots of spam. Serious domains should not be blacklisted, for
example. We could also look for consistency. Bad RDNS from a serious
domain might be a spam indicator.

There might be other methods of detecting serious domains, for instance
if they are using expensive services. Spammers would not have their DNS
hosted with Ultra DNS, or use the expensive registrars, or other services
that are expensive.

Also - thinking we should slowly mine the whois database and provide
some sort of DNS based lookup of whois information to be able to
determine the registrar of a domain, the domain age, or other info that
would be useful in determining that the domain is serious or not.

Who thinks I'm onto something?
--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400
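
Added example, not part of the original post: a sketch of the MX-based signal described in the message above, computed from already-resolved DNS data so it runs offline. The domains and addresses are constructed (documentation ranges), and the tier names and the choice of a /24 (IPv4) or /48 (IPv6) as one "network" are assumptions.

```python
import ipaddress

# Constructed sample data: MX hostname -> addresses it resolved to.
SAMPLES = {
    "throwaway.example": {},                                   # no MX at all
    "single.example": {"mail.single.example": ["192.0.2.10"]},
    "samebox.example": {                                       # 3 MX names, 1 host
        "mx1.samebox.example": ["192.0.2.30"],
        "mx2.samebox.example": ["192.0.2.30"],
        "mx3.samebox.example": ["192.0.2.30"],
    },
    "bigcorp.example": {
        "mx1.bigcorp.example": ["192.0.2.20", "192.0.2.21"],
        "mx2.bigcorp.example": ["198.51.100.5"],
        "mx3.bigcorp.example": ["203.0.113.7", "2001:db8:1::25"],
    },
}

def mx_features(mx_to_ips, v4_prefix=24, v6_prefix=48):
    """Count MX names, distinct IPs and distinct networks (assumed prefix sizes)."""
    ips, networks = set(), set()
    for addrs in mx_to_ips.values():      # an MX that did not resolve has []
        for a in addrs:
            ip = ipaddress.ip_address(a)
            prefix = v4_prefix if ip.version == 4 else v6_prefix
            ips.add(ip)
            networks.add(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))
    return {"mx": len(mx_to_ips), "ips": len(ips), "networks": len(networks)}

def seriousness(mx_to_ips):
    """Return (tier, features). A scoring input only, not a spam verdict."""
    f = mx_features(mx_to_ips)
    if f["mx"] == 0:
        return "minimal", f               # no MX records of its own
    if f["mx"] >= 3 and f["ips"] > 1 and f["networks"] > 1:
        return "well-provisioned", f      # 3+ MX, multiple IPs, >1 network
    return "unknown", f                   # in between: no signal either way

if __name__ == "__main__":
    for domain, mx in SAMPLES.items():
        tier, feats = seriousness(mx)
        print(f"{domain:20} {tier:17} {feats}")
```

Counting distinct addresses and networks rather than MX names is what keeps a domain with three MX records pointing at one host out of the top tier.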