2018-02-27 9:03 GMT-03:00 Rob McEwen <r...@invaluement.com>: > On 2/26/2018 1:00 PM, Kevin A. McGrail wrote: > > DecodeShortURLs has been on my list of must-have plugins for years, so > I was a little surprised it took so long for someone to mention it > in this thread. > > Yeah, my firm is going to look at subsidizing it's addition to SA and > Karsten agreed. Just trying to get the time. > > > Kevin, > > Excellent! Also... for those situations where there are multiple cascading > redirecting websites (after the initial URL shortners link found in the > message), please consider having an option for *every* non-whitelisted URI > in the chain to be added to the checks against blacklists. OFTEN - every > single domain in that chain (past the initial URL shortner) is a > compromised web site or spammer's website, not just the final destination > web site. >
Also, you can put more than one shortener (not only hacked websites) inside same chain: http://bit.ly/2GLA8Ss => https://goo.gl/5fnqaC => http://spfbl.net/en/uribl/ Our script can already solve this chain: root@mx-br:/home/ubuntu# ./uribl.pl "http://bit.ly/2GLA8Ss"; (spfbl.net) is not listed in 'uribl.spfbl.net'. Kevin. You can use our script as model to your own implementation. > -- > Rob McEwenhttps://www.invaluement.com > > >
