Author: Marc Perkel Date: To: exim-users Subject: Re: [exim] Spam Blocking idea
Marc Sherman wrote: > Marc Perkel wrote:
>
>> Just a thought ....
>>
>> You extract the registrar barrier part of the host name and the same for
>> the helo. Many hosts that send good email this would match. For example
>> yahoo.com would have yahoo.com in both the host and the helo.
>>
>> Then after tracking these and developing a list of hosts that do this
>> then we see a host that the helo claims to be yahoo.com but the rdns
>> says otherwise. The idea is that if they are on the list of having
>> matched then when they don't match it might be a spam indicator?
>>
>
> This fails in exactly the same ways as spf, with the added bonus that
> the owner of the domain doesn't even get to tell us when they've changed
> their architecture so that they should be removed from your list.
>
> - Marc
>
>
Well, first of all the data expired in about a week. And I'm not yet
sure how I'm going to use it. At this point I'm just making a list. I'm
storing host names not IP addresses so changing IPs is not an issue. I'm
not yet sure what it's good for but just throwing the idea out there to
see if it inspires anything.