The vast majority of people on the Internet do not know or care what ZDNet is. The only time they are going to see a ZDNet URL is when it arrives as part of some spam. They would quickly benefit if ZDNet was listed.
If I were to open my SMTP server so that any spammer could use it to redirect mail I'd be prepared to bet that I would end up (quite rightly) on a black list within hours and yet despite the warnings ZDNet have taken weeks and done next to nothing and are still not black listed.
Actually it's just occured to me that all this illicit spam traffic could be quite useful for someone running a redirector. All they need to do is make it look like you are open for a couple of weeks and get the spammers really interested. Then intercept the illegal redirects to create traffic for their own site. They can effectively spam anyone they want without having to worry about the implications because after all they didn't actually do anything wrong. I'll have to quickly create my own redirector and then sit back and wait for the hits.
Nick
Protect your domain from use by spammers. Set up an SPF record, read more about it here http://spf.pobox.com/.
-----Original Message----- From: Jeff Chan jeffc@surbl.org To: "Nick Askew" Nick@askew.nl Cc: SURBL Discussion list discuss@lists.surbl.org Date: Thu, 7 Apr 2005 00:13:53 -0700 Subject: Re: [SURBL-Discuss] More spams with Zdnet redirector
On Wednesday, April 6, 2005, 11:58:31 PM, Nick Askew wrote:
Jeff,
So it seems that there is an obvious loophole in SURBL. As long as
the
spammer uses a legitimate business running a redirector you will
never black
list them (perhaps the spammer could even set up their own legitimate redirector). This open redirector discussion for ZDNET has been open
for
several weeks now, they have had more than ample warning.
Nick
No, it's not a loophole. Programs like SpamAssassin and SpamCopURI correctly parse some redirection sites like g.msn.com and check the redirected-to site.
Jeff C.
"If it appears in hams, then don't list it."
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss