[SURBL-Discuss] More spams with Zdnet redirector
Nick at askew.nl
Thu Apr 7 11:58:19 CEST 2005
The vast majority of people on the Internet do not know or care what ZDNet
is. The only time they are going to see a ZDNet URL is when it arrives as
part of some spam. They would quickly benefit if ZDNet was listed.
If I were to open my SMTP server so that any spammer could use it to
redirect mail I'd be prepared to bet that I would end up (quite rightly) on
a black list within hours and yet despite the warnings ZDNet have taken
weeks and done next to nothing and are still not black listed.
Actually it's just occured to me that all this illicit spam traffic could be
quite useful for someone running a redirector. All they need to do is make
it look like you are open for a couple of weeks and get the spammers really
interested. Then intercept the illegal redirects to create traffic for their
own site. They can effectively spam anyone they want without having to worry
about the implications because after all they didn't actually do anything
wrong. I'll have to quickly create my own redirector and then sit back and
wait for the hits.
Protect your domain from use by spammers. Set up an SPF record, read more
about it here http://spf.pobox.com/.
From: Jeff Chan <jeffc at surbl.org>
To: "Nick Askew" <Nick at askew.nl>
Cc: SURBL Discussion list <discuss at lists.surbl.org>
Date: Thu, 7 Apr 2005 00:13:53 -0700
Subject: Re: [SURBL-Discuss] More spams with Zdnet redirector
> On Wednesday, April 6, 2005, 11:58:31 PM, Nick Askew wrote:
> > Jeff,
> > So it seems that there is an obvious loophole in SURBL. As long as
> > spammer uses a legitimate business running a redirector you will
> never black
> > list them (perhaps the spammer could even set up their own legitimate
> > redirector). This open redirector discussion for ZDNET has been open
> > several weeks now, they have had more than ample warning.
> > Nick
> No, it's not a loophole. Programs like SpamAssassin and
> SpamCopURI correctly parse some redirection sites like
> g.msn.com and check the redirected-to site.
> Jeff C.
> "If it appears in hams, then don't list it."
> Discuss mailing list
> Discuss at lists.surbl.org
More information about the Discuss