At 14:05 2005-06-28 +0200, Ruud H.G. van Tol wrote:
Professional Software Engineering schreef:
> Comments anyone (besides arguing about specific tlds, which are a
> matter of preference)?
And most spam here is From *.com and contains common English words.
I realize most spam is from .com, but the point is that many .com users may
not generally receive a lot of mail from .xx, and therefore, that small
segment of their spam can be better classified as iffy by inclusion of this
check. No single check is going to thwart all spam.
IP-to-country DNS mapping service:
http://countries.nerd.dk/
I'm operating on the email addresses. The TLDs used often bear no
relationship to the origin IP. Examining just a small number of recent
messages, I see .es and .nl coming from korean IP space, .ch from verizon
(in the US), .au from alltel (in the US). Of the handful I just checked,
not a one comes from IP space even remotely connected with the country the
message is claimed to be from. I already block several Asia-Pacific
origins via a DNSBL I created (before things like nerd.dk came into
existance), and it works quite well for keeping out a lot of unwanted
stuff, which by merit of being rejected during the SMTP RCPT phase, I don't
have to waste processor time on.
I guess one could cross reference the sender TLD and the IP space the
message was relayed via, though ISPs hosting in multiple countries (esp.
within Europe) could pose issues.
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail