--On 18 April 2004 02:56 -0400 Sean Donelan <sean@donelan.com> wrote:
If you don't want to accept connections from indeterminate or unauthenticated addresses, its your choice.
Whilst that may gave you some heuristic help, I'm not sure about the language. HINFO used that way neither /authenticates/ the address (in any meaningful manner as the reverse DNS holder can put in whatever they like), nor does it /authenticate/ the user (which some might characterize as the problem). Given it is a widely held view (IMHO correct) that using network layer addressing for authentication is broken, I think your suggestion would probably be better received if you described this as a heuristic mechanism. Speaking of which, we gets lots proposed heuristic solutions suggested. Has anyone actually done any formal evaluation of the statistics behind this. For instance looked at a statistical correlation between DUL listed entries and spam, extrapolated to determine what would be the effect if all dialup blocks were listed, and done proper significance testing etc.? Ditto any of the other techniques Paul's greylisting paper refer to. If not, sounds like a useful academic research paper. Hardly like we are short of data points. Alex