Looks like senderbase.org has a database of the domains and IPs used to send the most mail. Normally that would not be too interesting to us since we care about message body URIs, i.e. content, and not senders or their ISP addresses, but I'm thinking about whitelisting all the legitimate NSPs, ISPs and telcos in their top domains list:
http://www.senderbase.org/search?page=domains
we would exclude the few that appear to be spammers according to spamhaus:
imgmailer.com TAM Network stocksntalk.com iMedia Networks Inc. havagreatday.com
But I'd like to whitelist all the rest which are obviously large ISPs, etc. In essence we're just using it as a list of some of the top ISPs in the world.
Does anyone have any comments on this?
Note that this won't have a major effect on bad guys since spammers would not have much incentive to advertise their ISPs, and we don't "whiten" spams for mentioning non-spam domains anyway. It also does not mean that we're whitelisting the ISP address space, senders, or anything like that, just mail that mentions these large ISP URIs.
Jeff C.