[SURBL-Discuss] another redirector ?

Eric Kolve ekolve at comcast.net
Tue Apr 27 16:37:17 CEST 2004

That didn't seem to work.  I got redirected to http://images.google.com/images.

The hex encoded url is supposed to go to:


with REMOVE taken out.

I don't know if this means we would always be playing catch up, since I believe the number
of redirectors that they can exploit will steadily decline as we plug holes.

As well, just because one new redirector is found, doesn't mean the spamming community
at large knows about it or knows they need to switch.  Most will continue to use 
rd.yahoo.com, g.msn.com, etc. not knowing they need to switch.

If the problem of open redirectors becomes endemic, we could have another RHSRBL that 
we could look up URLs against to determine whether they are an open redirector. This
would tell us whether we should try to resolve the redirect and could change dynamically
as we discovered new ones much the same way URLs are added to the standard blacklist.


On Wed, Apr 28, 2004 at 10:13:48AM +1200, Simon Byrnand wrote:
> Just spotted the following redirected URL in a spam. Doesn't look like it
> will be getting caught yet with the current redirector rules:
> http://images.google.ca/imgres?imgurl=gmib.free.fr/viagra.jpg&imgrefurl=http://www.google.com/url?q=http://www.google.com/url?q=%68%74%74%70%3A%2F%2F%77%77%77%2E%65%78%70%61%67%65%2E%63%6F%6D%2F%6D%61%6E%67%65%72%33%32
> Using images.google.ca as a redirector ? Thats a new one.... I'm not game
> to click on the link to see where it goes though... its from the same
> spammer that was blatently abusing the yahoo redirectors and msn ones...
> Is this a sign that the current system used in SpamCopURI (checking HTTP
> responses of specifically mentioned redirectors) is just going to play
> catchup all the time ?
> Regards,
> Simon
> _______________________________________________
> Discuss mailing list
> Discuss at lists.surbl.org
> http://lists.surbl.org/mailman/listinfo/discuss

More information about the Discuss mailing list