Okay, here's my idea for a spam filtering technique: Find the URLs in a message, then look up the domain names from those URLs in the WhoIs database. If the domain name was registered less than one month ago, then call the message spam. Similarly, if a URL has no domain name, then call it spam.
To improve this techinique, create a database of URL domain names or IP addresses that are used by known spammers. Perform look-ups on those names. That helps to cover the domain names that are used more than once, and which may have been registered more than one month ago.
Posted by Doug Sauder at February 21, 2003 09:07 AM