On Tuesday, May 31, 2005 0300, Jeff C. wrote:
>> Yes, please, if you could mention the ones over the past couple
>> days we'll look into them. Some of the ones you mentioned
>> earlier are already blacklisted, so we'd like to analyze the
>> unlisted recent ones to see how we can list them sooner.
> By the way, just to sanity check things, these are the domains in
> message body URIs and not headers, right? I ask because it's
> somewhat unusual to have two sets of domains in a given spam,
> and SURBLs are meant to operate on message body URIs and not
> headers.
Yes, in the body only. Frequently, these things include an image of a text
disclaimer/opt-out notice at the bottom. Rolling over the image shows the
hyperlinked URI, but the text within the image itself shows a different
domain.