[SURBL-Discuss] Re: Non-Clickable URI's

Jeff Chan jeffc at surbl.org
Tue Dec 7 09:20:36 CET 2004


On Monday, December 6, 2004, 7:35:30 AM, Chris Santerre wrote:
>>From: RD [mailto:bitoy at lawin.pinoy.org]

>>I've seen spams where spammers are using 
>>"Cut&Paste_this_URL_to_your_browser" method reason why spamassassin 
>>won't trigger SURBL database lookup.
>>
>>Is there a known workaround to catch this non-clickable URIs 
>>and trigger 
>>SURBL lookup?

> This is in the form of www . domain . com
> It was mentioned on the SURBL list, and I wrote a quick and dirty SA rule
> for it. Initial tests were dissmal. 

> Found 2 ham:
>> http :// www . drugstore . com / ivd0324
>> header copied into the body of a forward:
>>   X-Scanned-By: MIMEDefang 2.28 (www . roaringpenguin . com / mimedefang)

> Also hit 12 spam out of around 70k.

> A little more testing needed. But I think this shows that it isn't worth the
> rule. The links break and require end lusers to not only copy and paste, but
> edit the link to remove the spaces. Clearly more then most users would do. 

Yeah and it could cause them to pause and actually think about
what they're doing, which no spammer would want to happen.  :-)

Jeff C.
-- 
Jeff Chan
mailto:jeffc at surbl.org
http://www.surbl.org/



More information about the Discuss mailing list