Slashdot Mirror
Domain Based Spam Prevention?
aralin asks: "Recently I got this idea and wrote a little perl script to extract all the second (third in case of co.uk) level domains from my last month's collection of spam (some 4000 messages). I ran that against a nameserver to find the ones with NS record (valid domains) and made a list for my procmail filter. I get about 10 mails a day that escape to SpamAssassin for various reasons and since I began to check them against my list of domains I caught half of these. The idea is that if they want to sell something, or put a working web bug in my email, they need to provide a valid url with valid domain. If we filter domains from a URL in confirmed spam, then its almost certain any other email referencing such domain is spam as well. What I wanted to ask Slashdot is whether you know about some software project that already uses this form of spam detection as an addition to rule matching and Bayes filters?"
Again the arms race problem: This might work for a while, but once the spammers see a certain level of blocking, they can adjust their spam to circumvent it.
In this case they could start including (hidden, web-bug style) links to popular webmail sites, like hotmail. If you start blocking all messages with links to hotmail, you are probably going to miss some e-mail that you want!
Isn't this just like adding a mail client filtering rule to trash all emails with "mydomain.com" in the body?
Now, having said that, I don't think any mail filter does this explicitly because of problems with legit web page links. All the spammer would need to do is redirect through a page on a hosting service like fortunecity.com or geocities.com.
"Lawyers are for sucks."
- Doug McKenzie
OK, the first spammer that wants to irritate you can thus easily block anyone from ever hearing about your website (by running a "joe-job" with your website's URL in it).