[SURBL-Discuss] Re: embedded image spams

Sean Sowell sean at twin-dad.com
Tue May 31 19:30:36 CEST 2005


On Tuesday, May 31, 2005 0300, Jeff C. wrote:

>> Yes, please, if you could mention the ones over the past couple
>> days we'll look into them.  Some of the ones you mentioned
>> earlier are already blacklisted, so we'd like to analyze the
>> unlisted recent ones to see how we can list them sooner.

> By the way, just to sanity check things, these are the domains in
> message body URIs and not headers, right?  I ask because it's
> somewhat unusual to have two sets of domains in a given spam,
> and SURBLs are meant to operate on message body URIs and not
> headers.

Yes, in the body only.  Frequently, these things include an image of a text
disclaimer/opt-out notice at the bottom.  Rolling over the image shows the
hyperlinked URI, but the text within the image itself shows a different
domain.



More information about the Discuss mailing list