From patrik@patrik.com Thu Jun 17 00:16:13 2004
From: Patrik Nilsson <patrik@patrik.com>
To: discuss@lists.surbl.org
Subject: Re: [SURBL-Discuss] proxypots
Date: Thu, 17 Jun 2004 00:15:58 +0200
Message-ID: <5.2.0.5.0.20040617000730.0437ffe8@ulithi.infotropic.com>
In-Reply-To: <200406162045.i5GKjX3L025328@ensmp.fr>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7162083519327913340=="

--===============7162083519327913340==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit

At 22:45 2004-06-16 +0200, Jose Marcio Martins da Cruz wrote:
> > On Wednesday, June 16, 2004, 11:39:26 AM, Justin Mason wrote:
> > >> - - Ignore .org/.net/.com?  spammer will use .biz, .info, and ccTLDs.
> > >> - - Ignore 0-length links (<a href=...></a>)?  spammer will change
> > >>   to use <a href=...>{RANDOMWORD}</a>.
>
>No ! O-length links are invisible. RANDOMWORDs or anything with length
>greater than 0 are visible !

The spammers have already started using one-char "words" as a way to get 
around checks for 0-length links and still keep the links relatively 
non-visible.

I wouldn't be surprised if some of them start using style sheets to hide 
certain links in html-mail next, so I wouldn't count on them not using 
something like <a href=... class="my_bgcolored_A">{RANDOMWORD}</a> in the 
future...

Patrik 

--===============7162083519327913340==--