[SURBL-Discuss] Google-based redirector

Guy Rosen Guy.Rosen at bluesecurity.com
Sun Feb 26 17:15:12 CET 2006


Hi,
 
We've been seeing some spam that uses Google as a redirection URL. The
URL that makes this possible is:
http://www.google.com/url?q=URL
For example:
http://www.google.com/url?q=http://www.bluesecurity.com
 
This is letting spammers hide quite nicely from SURBLs. The redirector
has actually been around for a few months (e.g. in the strange spam
described in http://isc.sans.org/diary.php?storyid=847). Back then we
notified security at google.com, and we sent them another email again
today.
 
 
Guy Rosen
Lead Analyst, Operations Team
Blue Security
http://www.bluesecurity.com/



More information about the Discuss mailing list