You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by mouss <mo...@netoyen.net> on 2007/10/01 16:53:11 UTC
Re: New domains
Jonas Eckerman wrote:
> (The idea below is not mine, someone else (I'm sorry, but I forgot
> who) wrote about it here (I think) before.)
>
> Giampaolo Tomassoni wrote:
>
>> brand-new domains,
>
> Something that could work for this without the problems inherent in
> using whois or registry databases is to simply check how long ago a
> domain was first seen beeing used for sending mail or in URIs in mail.
> (People might allready be doing this locally, but doing it centralized
> could work better.)
>
> A specialized DNS server could be done for this. It'd work something
> like this:
>
> 1: It receives a query.
>
> 2: It checks in it's database.
>
> 3.a, found in database:
> * Return result indicating how long ago domain was added.
>
> 3.b: not found:
> * Adds the domain to the database.
> * Return result indicating new domain.
>
> (It might be a good idea to also save last queried time for each
> domain (meaning 2.a will need to update the database) in order to be
> able to clean out domains that hasn't been seen for a long time.)
>
> In order to be effective, such a DNS list must be used by a lot of
> different systems spread all over the world and used by different type
> of organizations.
>
> It will also take time time until it can be used in an effective
> manner, so enough people would have to be using it for some time with
> very low scores just to seed it.
Wouldn't this be reinventing /etc/hosts? I mean, if you list all
domains, you end up with a huge database... or am I missing something?
>
> I could probably throw together a proof-of-concept DNS thingy in perl
> for this, but I don't have the hardware to host it for production use,
> nor the time to do it properly (perl would probably not be the best
> language to do it in).
>
> The best way might be to actually implement this in an existing
> DNS-list server, so it could be seeded thorugh queries fopr that list.
>
> If, just as an example, SURBL did this, the list would be seeded by
> all systems allready using SURBL lists, and the results could be
> included in multi.surbl.org.
>
> (Please not, I have no idea if implementing this in SURBLs DNS system
> is feasible in any way (wr to software, hardware, lunch breaks, or
> whatever), it was just an example.)
>
> Regards
> /Jonas
Re: New domains
Posted by Jonas Eckerman <jo...@frukt.org>.
mouss wrote:
> Wouldn't this be reinventing /etc/hosts?
No.
The hosts file contained all individual *hosts* a machine needed
to know about, and still contains all hosts a machine needs to
know about without using the DNS.
This database would contain all *domains* that has been used in mail.
> I mean, if you list all domains, you end up with a huge
> database...
Yes. A huge (and dynamic) database.
Regards
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/