[SURBL-Discuss] Re: ZDNET redirecting to spammer websites?

Jeff Chan jeffc at surbl.org
Tue Mar 22 06:37:59 CET 2005


On Monday, March 21, 2005, 11:32:45 AM, Bobby Rose wrote:
> Wouldn't this just be something that SURBL should take care of?  If this
> URL is the source of spam then it should be in SURBL regardless if it's
> in the zdnet.com domain.  Right!?

Which domain are you referring to?

zdnet.com should not be in SURBLs because it has too many
legitimate uses.  If we listed zdnet.com that would surely result
in false positives.

On the other hand viags.com and simply-rx.net should be listed in
SURBLs, *and they are*.

What's needed is for applications like SpamAssassin to parse the
redirection correctly and check both zdnet.com and viags.com.
zdnet.com should not match SURBLs, but viags.com should.

QED.

Jeff C.
__

> -----Original Message-----
> From: Rosenbaum, Larry M. [mailto:rosenbaumlm at ornl.gov] 
> Sent: Monday, March 21, 2005 10:35 AM
> To: users at spamassassin.apache.org
> Subject: ZDNET redirecting to spammer websites?

> We received a drug spam containing the following URL:

> http://chkpt.zdnet.com/chkpt/supposedtoallow/fdl%2ev%69%61%67%73.co%6d/p
> /b/kmioa

> This URL will actually take you to fdl.viags.com (which then goes to
> www.simply-rx.net).  As far as I know, the SA SURBL check will check
> zdnet.com, not the spammer domain viags.com.  What is going on here, and
> what should we do about it?

> Larry




Jeff C.
-- 
Jeff Chan
mailto:jeffc at surbl.org
http://www.surbl.org/



More information about the Discuss mailing list