[rbldnsd] regular expression support for rbldnsd
Steven Champeon
schampeo at hesketh.com
Fri Aug 14 19:34:58 MSD 2009
on Fri, Aug 14, 2009 at 01:00:43PM +0200, David Landgren wrote:
> Coming late into the conversation here, it's summer...
>
> You really want to go with left-anchored hostnames.
Erm, no, you *really don't*. I've been tracking these for six years. The
absolute last thing you want to do is use that approach. Way too many FPs
and you *do* care which one matched, because the patterns are classified
by assignment type and technology, so you can tell the difference between
"dynamic/dialup" and "static/leasedline" and "webhost/cpanel", which all
have different risks associated with them.
We used to do left-anchored hostname checks; they were so FP-prone that
we stopped, period. Examples include Marriott sending hotel reservation
confirmation notices from host\d+.marriott.com, just to name one.
Steve
--
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/
antispam news, solutions for sendmail, exim, postfix: http://enemieslist.com/
More information about the rbldnsd
mailing list