On Thu, 4 May 2017, Alex wrote:
Hi,
I found a local version which maybe did the trick
redirector_pattern
m'^https?:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/url\?.*?(?<=[?&])q=(.*?)(?:$|[&\#])'i
Can you explain how to use that? Does it get scored?
see samples in 20_uri_tests.cf
Yes, but I don't understand how that equates to an eventual score.
Perhaps I don't understand regex's well enough, but I don't understand
what it does with the redirector site portion and the target portion.
It it probably not direct, it would let the redirected URL be exposed to
URI rules and URIBL checks.
I expect a basic accounts.google.com URI rule would be a good idea even if
a redirector pattern for this was added - is there any legitimate reason
for a "log in to your google account" URL to be in an email?
And where were you yesterday? :-)
probably doing work which pays the bills.
Thanks for all you do.
You're welcome...
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Where We Want You To Go Today 07/05/07: Microsoft patents in-OS
adware architecture incorporating spyware, profiling, competitor
suppression and delivery confirmation (U.S. Patent #20070157227)
-----------------------------------------------------------------------
4 days until the 72nd anniversary of VE day
