Hello List,
Somehow spammers are using below's method to get around SURBL. I can create a simple body rule but might end-up having a huge list like the bigevil list. Any suggestions how to beat this type of spam?
Subject: Rx Meds to go From: "zasrybf" zasrybf@yahoo.com Date: Wed, 01 Dec 2004 19:15:43 -0700 To: <Undisclosed Recipients>
Total confidentiality with hundreds of different drug products in stock. Your very best prescription medications online.
www. rxandyou. com (Copy and Paste this address to your browser)
Thanks in advance.
-RD
Hi RD, At 17:37 02-12-2004, RD wrote:
Somehow spammers are using below's method to get around SURBL. I can create a simple body rule but might end-up having a huge list like the bigevil list. Any suggestions how to beat this type of spam?
I copied and pasted the address in my browser and it does not work. Instead of beating this type of spam, we should encourage the use of such urls in spam. :)
Regards, -sm
On Thursday, December 2, 2004, 8:07:30 PM, SM SM wrote:
Hi RD, At 17:37 02-12-2004, RD wrote:
Somehow spammers are using below's method to get around SURBL. I can create a simple body rule but might end-up having a huge list like the bigevil list. Any suggestions how to beat this type of spam?
I copied and pasted the address in my browser and it does not work. Instead of beating this type of spam, we should encourage the use of such urls in spam. :)
Yeah, if we're causing spammers to use broken URIs or broken web names, then that's probably a good thing.
Jeff C. -- "If it appears in hams, then don't list it."
Not for me :-(
The spam was relayed through our server by one of our customers (compromised with spam-sending-worm). So ISP's like AOL starts blacklisting our server. sigh.
Anyway, those e-mails are still a spam. If all spammers starts using the "Cut_and_Paste_the_URL_to_your_Browser" technique, then SURBL is defeated. Just my 2 cents.
Jeff Chan wrote:
On Thursday, December 2, 2004, 8:07:30 PM, SM SM wrote:
Hi RD, At 17:37 02-12-2004, RD wrote:
Somehow spammers are using below's method to get around SURBL. I can create a simple body rule but might end-up having a huge list like the bigevil list. Any suggestions how to beat this type of spam?
I copied and pasted the address in my browser and it does not work. Instead of beating this type of spam, we should encourage the use of such urls in spam. :)
Yeah, if we're causing spammers to use broken URIs or broken web names, then that's probably a good thing.
Jeff C.
"If it appears in hams, then don't list it."
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss
On Thursday, December 2, 2004, 9:51:40 PM, RD RD wrote:
Anyway, those e-mails are still a spam. If all spammers starts using the "Cut_and_Paste_the_URL_to_your_Browser" technique, then SURBL is defeated. Just my 2 cents.
It means SURBLs have won since we've denied spammers the use of clickable links.
Jeff C. -- "If it appears in hams, then don't list it."
Jeff,
Don't get me wrong, SURBL is one of the best anti-spam tool.
I just thought that an additional feature for SpamcopURI to scan the message for a non-clickable links/domains that is present it SURBL would be a nice add-on.
Jeff Chan wrote:
On Thursday, December 2, 2004, 9:51:40 PM, RD RD wrote:
Anyway, those e-mails are still a spam. If all spammers starts using the "Cut_and_Paste_the_URL_to_your_Browser" technique, then SURBL is defeated. Just my 2 cents.
It means SURBLs have won since we've denied spammers the use of clickable links.
Jeff C.
"If it appears in hams, then don't list it."
On Thursday, December 2, 2004, 11:02:26 PM, RD RD wrote:
I just thought that an additional feature for SpamcopURI to scan the message for a non-clickable links/domains that is present it SURBL would be a nice add-on.
SpamAssassin probably already does quite a bit of deobfuscation to detect URIs and domains in them. I think it may look for www.domain.com already, but I don't know about www . domain . com You could look at the source code or ask them....
Jeff C. -- "If it appears in hams, then don't list it."
-
Jeff Chan -
RD -
SM