I would like to see a drill down with a bit more precision on the terms
here.
Exactly what is meant by 'adding to the DNS'?
The hypothetical strategy that the spam senders may be following is:

Observation: new mail servers are most likely to be configured open relay.

Algorithm

1) Monitor all new additions to the DNS zones.
      Add to set 'candidates'
2) Each hour:
      Test each member of the set 'candidates' to
      see if a mail service is specified
         Add mail service to set 'services'
         Remove site from candidates
3) Each hour:
      Test each member of set 'services' to see
      if service is open relay
         Add mail service to set 'relays'
         Remove from set services

The existence of algorithms of this type strongly suggests that finding mail
servers in open relay is becoming somewhat harder.

Question - how much of the spam is sent through open relays and how much is
sent direct?
Phill
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
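
Seen from the receiving side, the probing described in the message above shows up as relay-denied rejections in the mail log soon after a host's mail service is published in DNS. The following is an added example, not part of the original message: it assumes Postfix-style smtpd rejection lines with ISO 8601 timestamps, and the log lines, addresses, publication time and function names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log (not real traffic). Assumes Postfix-style smtpd
# rejection lines with ISO 8601 timestamps; IPs are documentation ranges.
SAMPLE_LOG = """\
2003-03-10T09:02:12 mx1 postfix/smtpd[411]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 <a@example.net>: Relay access denied; from=<x@example.org> to=<a@example.net> proto=SMTP helo=<probe>
2003-03-10T10:02:40 mx1 postfix/smtpd[502]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 <b@example.net>: Relay access denied; from=<x@example.org> to=<b@example.net> proto=SMTP helo=<probe>
2003-03-10T11:15:00 mx1 postfix/smtpd[600]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 450 4.1.1 <nobody@mx1.example.com>: Recipient address rejected: User unknown; from=<z@example.org> to=<nobody@mx1.example.com> proto=SMTP helo=<h>
2003-03-12T16:45:03 mx1 postfix/smtpd[977]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 <c@example.net>: Relay access denied; from=<y@example.org> to=<c@example.net> proto=SMTP helo=<h>
"""

# Matches only rejections caused by a relay attempt, not other RCPT rejections.
RELAY_DENIED = re.compile(
    r"^(?P<ts>\S+) \S+ postfix/smtpd\[\d+\]: NOQUEUE: reject: RCPT from "
    r"\S*\[(?P<ip>[^\]]+)\]: \d{3} [\d.]+ <(?P<rcpt>[^>]*)>: Relay access denied")


def relay_probes(log_text):
    """Return (timestamp, client_ip, recipient) for each relay-denied rejection."""
    out = []
    for line in log_text.splitlines():
        m = RELAY_DENIED.match(line)
        if m:
            out.append((datetime.fromisoformat(m["ts"]), m["ip"], m["rcpt"]))
    return out


def early_probers(log_text, published_at, window=timedelta(hours=24)):
    """Map client IP -> (delay to first probe, probe count) for clients whose
    first relay attempt falls within `window` of the DNS publication time."""
    first, count = {}, {}
    for ts, ip, _ in relay_probes(log_text):
        first[ip] = min(ts, first.get(ip, ts))
        count[ip] = count.get(ip, 0) + 1
    return {ip: (first[ip] - published_at, count[ip])
            for ip in first
            if timedelta(0) <= first[ip] - published_at <= window}


if __name__ == "__main__":
    published = datetime(2003, 3, 10, 8, 0, 0)  # assumed time the record went live
    for ip, (delay, n) in early_probers(SAMPLE_LOG, published).items():
        print(f"{ip}: first relay probe {delay} after publication, {n} attempts")
```

A short delay between publication and the first relay attempt, repeated roughly hourly from the same client, is the pattern the hypothesised algorithm would produce.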