[SURBL-Discuss] RE: ZDNET redirecting to spammer websites?

Chris Santerre csanterre at MerchantsOverseas.com
Tue Mar 22 15:37:57 CET 2005



>-----Original Message-----
>From: Jeff Chan [mailto:jeffc at surbl.org]
>Sent: Tuesday, March 22, 2005 7:23 AM
>To: users at spamassassin.apache.org; SURBL Discuss
>Subject: Re: ZDNET redirecting to spammer websites?
>
>
>On Tuesday, March 22, 2005, 4:13:33 AM, Bobby Rose wrote:
>> Even though zdnet.com shouldn't be in SURBL, wouldn't having
>> chkpt.zdnet.com (the actually site doing the redirect) be in SURBL?
>
>Good thought, but there are two problems with that:
>
>1.  SURBLs usually list only registered domains like zdnet.com
>and not subdomains.  Obviously we're not going to blacklist
>zdnet.com; it has too many legitimate uses.
>
>2.  Similarly we can't list chkpt.zdnet.com.  It's being abused,
>but it clearly has legitimate uses too.
>

C&C warning. 

I agree with Jeff :) 

However I don't agree with a new mechanism in SA for scanning being the
solution. ZDnet needs to shut this down and secure it. End of story. Even
with a simple rule for SA you can tag it, but that doesn't help the people
who don't use SA and will be fooled into installing malware thru this
redirect. It has to be fixed. Its already been too long. 

--Chris 


More information about the Discuss mailing list