12 Aug
2004
12 Aug
'04
11:57 p.m.
Jeff Chan wrote to 'SURBL Discussion list':
On Thursday, August 12, 2004, 4:26:09 PM, Jeff Chan wrote:
Headers are too easily and too often forged. .... there's an incentive to put legitimate domains in headers to try to fool automated or human header checking.
Correction, none of the domains in SURBLs should be legitimate so they should not have value in being added to headers. Still SURBLs are best used on URIs only.
Yes, and your earlier point is still valid, as headers would be an easy way to poison SURBL checks and make life a living hell for those who hand-check URIs.
- Ryan
--
Ryan Thompson ryan@sasknow.com
SaskNow Technologies - http://www.sasknow.com
901-1st Avenue North - Saskatoon, SK - S7K 1Y4
Tel: 306-664-3600 Fax: 306-244-7037 Saskatoon
Toll-Free: 877-727-5669 (877-SASKNOW) North America