[SURBL-Discuss] SURBL reports on short links that don't exist or aren't blacklisted

Raymond Dijkxhoorn raymond at prolocation.net
Thu Aug 4 09:29:56 CEST 2011


Hi!

> So from my POV as operator of the link shortener, so long as I keep an 
> eye on things and make sure our protection system is working and 
> reported links return 404's I shouldn't really worry about the SURBL 
> notifications too much?

SURBL does check the links before sending.

A good thing would be to provide a API 'like the big redirectors alleady 
do' where we can check things on.

BIT.LY for example has a API we use for checking if a link is available or 
not.

> Not sure if this is material to this discussion or not.  This morning,
> we got some spam with URL's in it that pointed to fake 404 pages, which
> then tried to download a trojan exe from yet another site.

Exactly. A 404 doesnt tell much. In fact. To make this more specific. 
There are botnets that give a 404 or alike codes if you are outside the 
US. So they can target specific audience. Those codes cant be really 
trusted in cases like this.

Remember, if you get reports of abuse, in 99.9% of the times there is 
something going on. You can ignore them and think you are ok. Most of the 
times thats whishfull thinking however.

Bye,
Raymond.



More information about the Discuss mailing list