[SURBL-Discuss] More spams with Zdnet redirector

Nick Askew Nick at askew.nl
Thu Apr 7 11:58:19 CEST 2005 

The vast majority of people on the Internet do not know or care what ZDNet 
is. The only time they are going to see a ZDNet URL is when it arrives as 
part of some spam. They would quickly benefit if ZDNet was listed.

If I were to open my SMTP server so that any spammer could use it to 
redirect mail I'd be prepared to bet that I would end up (quite rightly) on 
a black list within hours and yet despite the warnings ZDNet have taken 
weeks and done next to nothing and are still not black listed.

Actually it's just occured to me that all this illicit spam traffic could be 
quite useful for someone running a redirector. All they need to do is make 
it look like you are open for a couple of weeks and get the spammers really 
interested. Then intercept the illegal redirects to create traffic for their 
own site. They can effectively spam anyone they want without having to worry 
about the implications because after all they didn't actually do anything 
wrong. I'll have to quickly create my own redirector and then sit back and 
wait for the hits.

Nick

Protect your domain from use by spammers. Set up an SPF record, read more 
about it here http://spf.pobox.com/.

-----Original Message-----
From: Jeff Chan <jeffc at surbl.org>
To: "Nick Askew" <Nick at askew.nl>
Cc: SURBL Discussion list <discuss at lists.surbl.org>
Date: Thu, 7 Apr 2005 00:13:53 -0700
Subject: Re: [SURBL-Discuss] More spams with Zdnet redirector

> On Wednesday, April 6, 2005, 11:58:31 PM, Nick Askew wrote:
> > Jeff,
> 
> > So it seems that there is an obvious loophole in SURBL. As long as
> the 
> > spammer uses a legitimate business running a redirector you will
> never black 
> > list them (perhaps the spammer could even set up their own legitimate
> > redirector). This open redirector discussion for ZDNET has been open
> for 
> > several weeks now, they have had more than ample warning. 
>  
> > Nick
> 
> No, it's not a loophole.  Programs like SpamAssassin and
> SpamCopURI correctly parse some redirection sites like
> g.msn.com and check the redirected-to site.
> 
> Jeff C.
> --
> "If it appears in hams, then don't list it."
> 
> _______________________________________________
> Discuss mailing list
> Discuss at lists.surbl.org
> http://lists.surbl.org/mailman/listinfo/discuss

More information about the Discuss mailing list