[SURBL-Discuss] Re: registrar boundary inconsistencies

Jeff Chan jeffc at surbl.org
Fri May 6 09:45:48 CEST 2005

On Thursday, May 5, 2005, 11:41:11 AM, Justin Mason wrote:

> John Gardiner Myers writes:
>> Daniel Quinlan wrote:
>> > We can't just add them willy-nilly.
>> Why not?  Treat them like .us -- do two queries.

> we don't currently do that.  but that may be a good option, actually!
> allow url_to_domain to return >1 datum, and query all of them.

> In the case of .us, and these private registrars, return 2
> domains, "foo.eu.org" and "eu.org", or "foo.state.us" and
> "bar.foo.state.us".

> - --j.

That's one approach that could work: check at both 2 and 3
levels.  Likely we would never list the registrars, but their
spamming customer subdomains would get listed and caught.  So one
of the two should match.  Of course the problem is that generates
two DNS queries where one would be ideal.

We currently have a (partial) list of entities that register
subdomains, with two-level-tlds list, but does not include all
private registries.


If it would help, we could expand it to include private
registries that register subdomains, in addition to cctld second
level domains.  SURBL-using applications would still need to
include that list and know to process on the next level (the
subdomain) as outlined at:


That list does currently have some non-country code domains like:


Is SpamAssassin using that list?  If so, it it nearly
sufficient to make this judgement about what level to check on?
Can we improve it just by adding more private registries?

Jeff C.
Don't harm innocent bystanders.

More information about the Discuss mailing list