https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7282
Bug ID: 7282
Summary: SURBL: New CR (cracked sites) sublist
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Rules
Assignee: [email protected]
Reporter: [email protected]
New CR (cracked sites) sublist
New CR (cracked sites) sublist and UriQ (URI query) API
December 19, 2015
CR (cracked sites) sublist to be added to multi.surbl.org
SURBL traditionally lists hosts (domains and IPs) owned by abusers,
but as blacklisting their own hosts has impacted them, some have
switched to using cracked third party sites. Criminals steal
credentials or exploit vulnerabilities to break into sites to upload
malicious pages, including redirectors that forward browsers to other
sites. Often, only the cracked URIs will appear in abusive messages.
To better handle such sites we are creating the new CR sublist to
identify cracked hosts. The new list uses bitmask value 128. Since
this value was previously unused, there should be no compatibility
issues with existing applications that use SURBL data and only test
for previously defined bitmask values.
--
You are receiving this mail because:
You are the assignee for the bug.
