On 22/10/2010 3:19 PM, Darxus(_at_)ChaosReigns(_dot_)com wrote:
Something I'm surprised didn't come up on this list, that was mentioned on
the spamassassin users list:
http://www.mimedefang.org/reputation
An IETF draft of a Reputation Reporting Protocol.
I actually wrote a plugin for SA to query one such service, April
Lorenzen's outboundindex.net. I'm not sure how she ever made out with
it, or if she's still at it. Yours, hers, and others, ideas are quite
similar. I myself only ever got around to a small scale test of my own
and registering a handful of domain names.
http://svn.apache.org/repos/asf/spamassassin/trunk/rulesrc/sandbox/dos/SIQ.pm
I'm not a huge fan. It uses UDP which, as it mentions, allows forging of
the sending IP. Other good stuff in it though.
You could avoid bulk amounts of forgery by passing sequence numbers back
and forth or what not. I'm thinking we might have been passing a secret
token back and forth at one point. UDP for speed can't easily be beat,
though. When you're dealing with millions of messages, and thus
queries, from each clients' mail server each day you need to handle
massive scaling.
Daryl
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg