On Thursday, September 9, 2004, 2:41:22 PM, Matthew Wilson wrote:
If it helps, I agree with Chris. One point to note: Virtual hosters can't use IP addresses in their URLs, because the web server needs a http host header to differentiate between all the possible virtual hosted sites. However, it really wouldn't be difficult to have the SURBL URI detection algorithm find dotted quad URLs, and store these in the SURBL database just like any other domain name...
-Matthew
Unless they own the IP, in which case it's ok to list, which we would do. In other words if we see http://1.2.3.4/ in multiple spams, we would tend to list it.
We may already have some collateral damage because of IP listings.
Perhaps we should change the way SURBL handles numeric URIs to include them only if the IP address also appears in SBL. That might miss some phishers though.
As a safety measure against uber joe jobs *against good guy IP addresses* we should consider doing something like that.
Comments?
Jeff C.