[SURBL-Discuss] Redirectors and SURBLs

Rakesh rakesh at netcore.co.in
Tue Apr 19 14:13:33 CEST 2005


Justin Mason wrote:

>>
>>>SpamAssassin is currently limited to identifying redirectors that 
>>>require 'http(s)' to be in the URI.  So it won't detect domains 
>>>redirected to by the zdnet redirector and any other similar ones.
>>>      
>>>
>>>Daryl
>>>      
>>>
>>Right.  And obfuscation of the redirected-to "http" seems to be
>>enough to confuse SA 3 into not extracting the second URI.  Maybe
>>we should make a Bugzilla ticket about that?
>>    
>>
>
>if you find one that SpamAssassin 3.1.0 doesn't decode correctly,
>sure ;)   I thought we had those nailed.
>
>  
>

Ok I checked this with the latest snapshot version of spamassassin 
(SpamAssassin version 3.1.0-r161778)

it works if the redirector is like

https://www.g00dl1fe.com/42.asp/http:/sheenier.net/soft/

or

https://www.g00dl1fe.com/42.asp/http://sheenier.net/soft/


 0.6 URIBL_SBL              Contains an URL listed in the SBL blocklist
                            [URIs: g00dl1fe.com sheenier.net]
 2.0 URIBL_AB_SURBL         Contains an URL listed in the AB SURBL blocklist
                            [URIs: sheenier.net]
 1.6 URIBL_JP_SURBL         Contains an URL listed in the JP SURBL blocklist
                            [URIs: g00dl1fe.com sheenier.net]
 0.5 URIBL_WS_SURBL         Contains an URL listed in the WS SURBL blocklist
                            [URIs: g00dl1fe.com sheenier.net]
 2.0 URIBL_OB_SURBL         Contains an URL listed in the OB SURBL blocklist
                            [URIs: g00dl1fe.com sheenier.net]
 3.9 URIBL_SC_SURBL         Contains an URL listed in the SC SURBL blocklist
                            [URIs: g00dl1fe.com sheenier.net]


But it fails to extract the "rdx56.info" from the redirector of Zdnet.

 http://chkpt.zdnet.com/chkpt/howbad/rdx56.info/p/yo

where rdx50.info is listed in JP, WS, OB and SC surbls

I think we need to work on FQDN appearing as string in the url.

-- 
Regards, 
Rakesh B. Pal
Project Leader
Emergic CleanMail Team.
Netcore Solutions Pvt. Ltd.

-------------
Revolutions do not require corporate support.




More information about the Discuss mailing list