Re: [sipx-users] Mailing lists harvested for sip attacks

Fri, 15 Oct 2010 05:15:11 -0700 

We could agree on a little more complicated format for rewriting the sip 
uri's.
Something like comDdomainAuser.

Paul

Michael Scheidell <[email protected]> wrote:

> a long time ago, in a galaxy far away........
> 'SPAM WARS'.
> MID 90's, we discussed similar things in the usenet groups 
> 'news.admin.net-abuse.email'.
> Seems that just complaining about being spammed got you on spam lists 
:-)
> On thing that COULD be done, is to obfuscate it in the 'official' 
> archives.  So that web url scanners don't pick them up.
> Doing in on the mailing list was hard, especially if you wanted to 
> support reading by 'non java' enabled mail clients.
> 
> Things that were done to mitigate it included obfuscating the email 
> address you posted with, and/or adding in spam trap addresses.
> We manually posted our 'email:user AT domain DOT com' in hopes that 
> helped. Spammers adapted. 
> So, post your sip url as sip:something  AT domain DOT com'  a human 
> could read it, hackers will need to adapt.
> MAYBE the mailing list software can apply a judicious amount of re-
> writting, but I don't recommend java script.
> (maybe a quick pass through sed,.. but then again, ) if you mismatch
> the a href with the display url, many anti-spam engines will tag it 
> a phishing address and might block it.

> -- 
> Michael Scheidell, CTO
> o: 561-999-5000
> d: 561-948-2259
> ISN: 1259*1300
> > | SECNAP Network Security Corporation 
> Certified SNORT Integrator
> 2008-9 Hot Company Award Winner, World Executive Alliance
> Five-Star Partner Program 2009, VARBusiness
> Best in Email Security,2010: Network Products Guide
> King of Spam Filters, SC Magazine 2008
> 
> This email has been scanned and certified safe by SpammerTrap®. 
> For Information please see http://www.secnap.com/products/spammertrap/
> 
> _______________________________________________
> sipx-users mailing list
> [email protected]
> List Archive: http://list.sipfoundry.org/archive/sipx-users/
_______________________________________________
sipx-users mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users/

Reply via email to