Jeff Chan wrote to SURBL Discussion list and Spamassassin-Talk (E-mail):
.com is so large and rapidly changing as to be practically unknowable. That's what I mean by "can't".
IIRC, .com is up to about 25M domains, and it's way, way higher than the other gTLDs (and light years beyond ccTLDs).
By the time you have all of .com fully cataloged, it will have changed significantly.
25M queries isn't that hard, and it can be trivially distributed to make for a more responsive system. Even 250M isn't out of reach.
As I mentioned, the base problem has already been solved by whois.sc, and probably others. We just need to adapt it to be useful in fighting spam.
Oh, and, we can *also* use this data to safely determine domain age for newly registered domains. Since the most spammy domains are less than a week old, we'll start to have useful information for *that* within about a week. :-)
Really the only ones who could collectively determine how spammy a particular virtual host IP is are the domain registrars working together and pooling all their registration data then resolving every hostname and building a database of all the resolved IPs mapped back into all of their domain names.
That's *exactly* what I'm suggesting, and the registrars already pool their data. They're called TLD zone files, and (almost) anyone can download them.
If you can't see all the good guy domains on a virtual hosting IP, then you can't see who else you would block.
We *can*, Jeff. We can. That was the whole point of my message.
- Ryan