On 10/15/10 7:43 AM, Tony Graziano wrote:
Obfuscation is technically feasible or not?
a long time ago, in a galaxy far away........
'SPAM WARS'.
MID 90's, we discussed similar things in the usenet groups
'news.admin.net-abuse.email'.
Seems that just complaining about being spammed got you on spam lists :-)
On thing that COULD be done, is to obfuscate it in the 'official'
archives. So that web url scanners don't pick them up.
Doing in on the mailing list was hard, especially if you wanted to
support reading by 'non java' enabled mail clients.
Things that were done to mitigate it included obfuscating the email
address you posted with, and/or adding in spam trap addresses.
We manually posted our 'email:user AT domain DOT com' in hopes that
helped. Spammers adapted.
So, post your sip url as sip:something AT domain DOT com' a human
could read it, hackers will need to adapt.
MAYBE the mailing list software can apply a judicious amount of
re-writting, but I don't recommend java script.
(maybe a quick pass through sed,.. but then again, ) if you mismatch the
a href with the display url, many anti-spam engines will tag it a
phishing address and might block it.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
_______________________________________________
sipx-users mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users/
