[SURBL-Discuss] google is open redirector
Rakesh
rakesh at netcore.co.in
Wed Mar 23 16:29:00 CET 2005
Matthew Wilson wrote:
>By the way, my only suggestion to combat this is to have the surbl
>client send an http request to google, to see what redirect site is
>returned, and then check *that* site in SURBL or in the other redirects.
>If the use of this technique picks up, google is going to have that
>additional burden.
>
>
>
This is a serious concern. But your suggestion would need a pretty
good amount of change in code and similar technique can probably be used
in other search engines. so first the code need to check whether the URL
contains google or not and then fire the url and trap back the response.
That may cause more delay in the reply. As SURBL works on the DNS
resolution and not on dynamic queries for every mails. Which will be
required in this case.
What best we can do is look for FQDNs in the urls and if we find any
also check them against SURBLs.
>Who really uses the "I'm Feeling Lucky" button anyway?
>
>
>
--
Regards,
Rakesh B. Pal
Emergic CleanMail Team.
Netcore Solutions Pvt. Ltd.
========================================================================
"First they ignore you. Then they laugh at you.
Then they fight you. Then you win."
- M. Gandhi
========================================================================
More information about the Discuss
mailing list