On Fri, 10 Dec 2004, kent crispin wrote:
I disagree, I think this may be ok, but its specifically because its for .com/.net whois (not ok for general TLD). Reasons are: 1. Internic.net / CRSNIC whois has no limit set on number of queries client from particular ip can make before queries are denied (or it may have limit but its set very high) and its data is almost always available and quite fast (but there were some outages).
Only works for .com and .net.
Which is exactly what I said :) Nevertheless majority of the domains used (including very large number of spammer registered domains) are in .com/.net which is why I think this would be usefull greylisting technique (note that its not good idea for blacklisting unless data other then from whois is available!). I'm going to explore this weekend what it would take to take some of the code I have and make into the kind of library I described (this will require addition of specialized caching database, etc) and then if others are interested I'd like to get together with MTA and/or greylisting spamfilter developers to finish this all up. -- William Leibzon Elan Networks william@elan.net