[SURBL-Discuss] Redirectors and SURBLs

Jeff Chan jeffc at surbl.org
Sun Apr 17 09:54:57 CEST 2005


On Saturday, April 16, 2005, 11:43:30 PM, Daryl O'Shea wrote:
> Jeff Chan wrote:
>> Yes, urirhssub in SpamAssassin 3 will check every visible URI, even
>> if it's mentioned within a redirector:
>> 
>>   http://some.redirector.com/blah/blah/http://some.othersite.com/
>> 
>> Both redirector.com and othersite.com above would get checked,
>> and including some variations on those.  But http://tinyurl.com/blah
>> won't get the redirected-to site checked since it's invisible in
>> the original message.

>> Perhaps the SpamAssassin and SpamCopURI authors can provide more
>> detailed info, corrections, etc. on the above, but the quick
>> answer is that some provisions for checking redirected-to sites
>> is already in place.

> SpamAssassin is currently limited to identifying redirectors that 
> require 'http(s)' to be in the URI.  So it won't detect domains 
> redirected to by the zdnet redirector and any other similar ones.

> Daryl

Right.  And obfuscation of the redirected-to "http" seems to be
enough to confuse SA 3 into not extracting the second URI.  Maybe
we should make a Bugzilla ticket about that?

Jeff C.
--
"If it appears in hams, then don't list it."



More information about the Discuss mailing list