Ben Poliakoff wrote to [EMAIL PROTECTED]:

[ resending in case the original message was blocked - apologies for the
duplication ]

Are others seeing a lot of spam that contain this sort of thing:

Not any that make it through. :-)

   > Collect $20 to play our internet casino with, no deposit is
   > necessary!  Type in: MUNGEDgaming-money.com into your address
   > bar, At the software cashier enter bonus code: FR93P

Seems like they're being specifically crafted to avoid being caught by
URI scanners.

Yes.

If you add "http://" to "MUNGEDgaming-money.com" both SA 2.63 with
SpamCopURI and SA 3.0rc2 register SURBL hits (the domain is listed in
several SURBL zones).  But the bare domain name doesn't hit.

Yes.

Of course such spam may not become really widespread since the user is
presumably forced to type in the URL.  Nevertheless it's frustrating
to see it slip through the net.

Thoughts?

It shouldn't be too hard to adjust the code to snag bare domains from each email. I.e., anything on a word boundary that ends in (any one of some list of TLDs), or, even naively, some less-accurate regular expression along the lines of /\b(.+?)\.[a-z]{2,}\b/i . This would result in more queries to the SURBL servers, but perhaps the tradeoff would be worth it, if enough spam like this came in.

Of course, then spammers will further munge the domains, to gaming-money
dot com and whatnot, making it even more difficult for users to reply to
their offer, which is a good thing. The more we can force spammers to
frustrate that infinitesimal percentage of idiots out there and prevent
them from responding, the better.

This reminds me of those TV scams encouraging kids to dial 1-900 numbers
(for those outside of North America, 1-900 numbers have a per-minute
charge that profits the owner of the 1-900 number). First, they did it
honestly. They paid for a TV ad saying, "Dial this number to talk to a
real psychic, for only $2/minute". When that stopped working, they tried
all kinds of tricks. At one point, one ad I remember (which, thankfully,
wasn't on the air for long) was something along the lines of, "Hey,
kids! Want to play a fun game? Pick up your phone and hold it up to the
TV". A few seconds later, they would play the dialing tones for the
1-900 number through the TV speaker. Kid soon gets bored and walks away
leaving the phone off the hook. Parents get astronomical phone bill.
Bastards. :-)

- Ryan

--
  Ryan Thompson <[EMAIL PROTECTED]>

  SaskNow Technologies - http://www.sasknow.com
  901-1st Avenue North - Saskatoon, SK - S7K 1Y4

        Tel: 306-664-3600   Fax: 306-244-7037   Saskatoon
  Toll-Free: 877-727-5669     (877-SASKNOW)     North America
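
Added example, not part of the original message and not SpamAssassin or SpamCopURI code: a Python sketch of the bare-domain idea discussed above, pulling host names that end in a listed TLD out of a message body and turning them into SURBL query names. The TLD and two-level suffix lists, the function names, the fourth sample line and the choice of the multi.surbl.org zone are assumptions made for illustration.

```python
import re

# Constructed short TLD list; a production scanner would load the full list.
TLDS = ("com", "net", "org", "info", "biz", "us", "ca", "uk")
# Constructed two-level suffixes where the registered domain needs three labels.
TWO_LEVEL = {"co.uk", "org.uk"}

# Regex quoted in the post: "." also matches spaces, so it captures whole phrases.
NAIVE = re.compile(r"\b(.+?)\.[a-z]{2,}\b", re.IGNORECASE)

# Tighter variant: hostname labels only, ending in a listed TLD, and not part
# of an e-mail address or of a longer dotted name.
BARE_DOMAIN = re.compile(
    r"(?<![\w@.-])((?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+(?:%s))"
    r"(?![\w-])(?!\.[a-z0-9])" % "|".join(TLDS),
    re.IGNORECASE,
)

def bare_domains(body):
    """Unique lowercase host names found in body, in order of appearance."""
    found = []
    for match in BARE_DOMAIN.finditer(body):
        host = match.group(1).lower()
        if host not in found:
            found.append(host)
    return found

def registered_domain(host):
    """Reduce a host name to the registered domain that SURBL zones list."""
    labels = host.split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LEVEL else 2
    return ".".join(labels[-keep:])

def surbl_queries(body, zone="multi.surbl.org"):
    """DNS names to look up, one per distinct registered domain."""
    names = []
    for host in bare_domains(body):
        name = registered_domain(host) + "." + zone
        if name not in names:
            names.append(name)
    return names

# Sample body: first three lines are the spam quoted above, the fourth is constructed.
SAMPLE = (
    "Collect $20 to play our internet casino with, no deposit is\n"
    "necessary!  Type in: MUNGEDgaming-money.com into your address\n"
    "bar, At the software cashier enter bonus code: FR93P\n"
    "Also try www.MUNGEDgaming-money.com, SA 3.0rc2, notes.txt, user@mail.example.org\n"
)
```

Reducing each host to its registered domain before querying keeps the extra SURBL lookups to one per distinct domain, which addresses the query-volume tradeoff raised in the message.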
