3 Jun
2009
3 Jun
'09
4 p.m.
On 3-06-2009 15:41, Kevin A. McGrail wrote:
I've been working with a sha1 hash system to block bad images using DNSBL as the lookup method. This got me thinking what about a hash of the URL so it's more like b14b18da529769a503201357ac224c32857d1e69.multi-hash.uribl.org?
This would fix the issue, would it not if SA had code to do the same hash prior to lookup?
Even if this surely solve *this* issue avoiding the domain to be clear-text, this is not a solution for this problem.
What is going to happen when that hijacking stuff starts replying SURBL queries positively no matter what's being asked?