All:
Mark Perkel brought up on the users list that he's seeing a lot of
mixed-case URIs in spam lately.
I did a quick grep of URI rules and there are quite a few that are
case-sensitivei, probably unintentionally. It might be a good idea for
everybody to audit their sandbox and make sure that any URI rules that
aren't specifically looking for case-based patterns are case-insensitive.
For example:
DOS_GOOGLE_DOCS /^http:\/\/docs\.google\.com\/View\?id=/
This would be easy for a spammer to avoid.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[email protected] FALaholic #11174 pgpk -a [email protected]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Any time law enforcement becomes a revenue center, the system
becomes corrupt.
-----------------------------------------------------------------------
Tomorrow: Veterans Day
