Improving domain blacklisting:
Current domain blacklisting techniques are not very effective as spammers keep replacing blacklisted domains with newly registered domains. Also, the IP blacklist only focuses on the sending IP addresses of spam emails, which is not effective against botnet-generated spam. So, to combat this problem the idea is to cluster spam domains based on their hosting IP addresses and associated email subjects and identify the most dominant hosts rather than the common content-based spam detection research approach. The goal is to identify spam hosts that are heavily used by spammers to host many spam domains and account for a large number of spam messages.
For blacklisting, The URLs within the spam emails are analyzed and scrutinized and reported to the blacklist. Further incoming emails which contain any of the blacklisted domains will be blocked. As a future view, the target is to build IP blacklist and domain blacklist that can be reported to law enforcement agents. Currently, it is done by SQL queries. Automating this process by having a computer program query the database and generate reports would be beneficial for spam reduction. This would reduce the time taken in analyzing the domains to be blacklisted and hence would reduce the spam mails.