On Wed, 12 May 2004, Matthew Elvey wrote:
If we assume spammers will churn through $5 domains in very high volume,
and notice if any of them get expired by BL maintainers, so they all
need to stay in BLs, how big a BL are we talking about?
Easier to just blacklist the spammer's name servers. SpamAssassin 3.0
looks up the IP addresses of the nameservers hosting the domains used in a
message's body in the SBL; this technique has proved to be very effective.
The same can be done with domains used in the SMTP conversation and
message header.
--
Tony Finch <dot(_at_)dotat(_dot_)at> http://dotat.at/