spf-discuss
[Top] [All Lists]

Re: [spf-discuss] throwaway domains and whois

2008-10-15 19:41:55
On Wed, 15 Oct 2008, Stuart D. Gathman wrote:
In our case, we use our own reputation based blacklist.  There are
too many false positives with Spam Haus and the like.

Really?  I'd have thought using Spamhaus ZEN would be quite safe, since
even if there is an FP, you'd be among thousands of domains the sender
can't reach.  You can expect the sender to realize he has a *major
problem* before he even composes a mail to one of your users....

Anyhow, it seems you need the social aspect of a public blacklist.  A
private blacklist is vulnerable to "spread spectrum" use of zombies -- the
spammer could use a different, fresh, zombie for each attempt at one of
your mailboxes.

But it's not possible to spam the whole world without re-using IP
addresses, so there is a good chance that any IP used to spam you has
already hit a public blacklist's spamtrap (or will hit it soon, hence the
value of a long greylist lockdown).

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com