Dan Hollis wrote:
How about the ones with broken contact data - deliberately or not?
A whois blacklist sounds good to me. DNS WBL?
Many sites are already doing this locally. It's just a matter of time
before Spamhaus or an up-and-coming entity has an RBL for it. The data
is perhaps not precise enough for a blacklist but obfuscated whois
records are certainly useful in calculating the reputation of
ingress/egress SMTP, HTTP and other services. This is not a new idea
and similar to the (unmaintained?) whois.abuse.net contact lookup
service, razor/pyzor, and other useful SIEM and Spamassassin inputs.