On Wed, 27 May 2009, Jason Haar wrote:
Why can't SURBL be expanded to support full URLs instead of just the
hostname? That way you could blacklist "a.bad.domain" as well as
"xttx://tinyurl . com/redirect-to-bad-domain"? Some form of BASE64
encoding would be needed of course, but why not?
I'd suggest hex- or base64-encoding the MD5 hash of the URI, as is being
done in Email BL.
Isn't it true that antispam systems want to check email for known bad
websites? As such that is defined as bad FQDN and bad URLs that would
redirect users to the bad FQDN (ie redirectors).
Just asking :-)
Sounds like a somewhat reasonable proposal to me.
Better still, the tinyurl-esque services should vet the URLs people
submit against SURBL...
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
News flash: Lowest Common Denominator down 50 points
-----------------------------------------------------------------------
36 days since 9th Circuit incorporated 2nd Amdt - MSM still silent
