On Friday, May 28, 2004, 3:48:15 AM, Rikhardur EGILSSON wrote:
From: jdow [mailto:jdow@earthlink.net]
See: http://article.gmane.org/gmane.mail.spam.spamassassin.general/50187
If it hurts when you put your finger in the pencil sharpener and turn the crank don't do it. Simply cancel all redirects as spam. If someone legitimate is not courteous enough to send it "clear" then "scroom."
Good point, but how do I do that ?
If I understand the SURBL documentation corectly "spamcop_uri_resolve_open_redirects" will only work on those domains explicitly named in "open_redirect_list_spamcop_uri" not every spammer throwaway domain..
We could probably put together a small paper on the subject of redirection sites. First thing to note is that there are different types. Some like the yahoo redirection site show the destination URI clearly contained within the original URI. Others like tinyurl or the spammer redirection site you found encode the destination site so that it's not plainly visible in the original URI. The latter have been called "opaque" and the former "open" redirections. Probably there are other names also, but you get the idea.
urirhsbl in SA 3.0 will check all the domains visible in the URI against the SURBL it's called on (perhaps up to some limited number of URIs), including checking the redirection sites themselves. If the "redirect resolution" feature is enabled, SpamCopURI in SA 2.63 will attempt to resolve the Location header using the redirection server, but I'm not sure whether it can do so on an opaque redirection or not.
All of the previous answers also apply. Reporting spams to SpamCop which have any visible black hat redirection sites will get them into sc.surbl.org unless we specifically whitelist them, which we would not do for purely spammer redirectors such as the one you found. In that way, even an opaque redirection site will get listed if it's a bad guy redirection site, as opposed to a mostly legitimate one like Yahoo's.
Jeff C.
-
Jeff Chan