[SURBL-Discuss] html hex codes used in links

Matthew.van.Eerde at hbinc.com Matthew.van.Eerde at hbinc.com
Mon Apr 3 23:10:26 CEST 2006


Nathan Barham wrote:
> I received a phishing scam yesterday where the domain part of the evil
> link was in html hex code.  This seems to defeat any SURBL listing. 
> I'm using a postfix body check to handle it now, but does anyone have
> a better idea?

It could be worse.  They could be using javascript to factor a given product of large primes, and then using the factors to build the IP address.

-- 
Matthew.van.Eerde (at) hbinc.com               805.964.4554 x902
Hispanic Business Inc./HireDiversity.com       Software Engineer



More information about the Discuss mailing list