On 5/27/2009 11:00 AM, Jeff Chan wrote:
On Tuesday, May 26, 2009, 6:20:13 PM, Jason Haar wrote:
John Hardin wrote:
Better still, the tinyurl-esque services should vet the URLs people
submit against SURBL...
They actually do. When I was trying to test Jonas URLredirect plugin, it
was actuall
On Tuesday, May 26, 2009, 6:20:13 PM, Jason Haar wrote:
> John Hardin wrote:
>> Better still, the tinyurl-esque services should vet the URLs people
>> submit against SURBL...
>>
> They actually do. When I was trying to test Jonas URLredirect plugin, it
> was actually hard to get tinyurl.com to gen
On Wednesday, May 27, 2009, 1:39:11 AM, Justin Mason wrote:
> Yes. it immediately exposes a backchannel from the spam to the spammer,
> thereby enabling a number of interesting security holes.
> --j.
Yes, it's impractical for some of the reasons Rob mentions, and
it would also allow any of the f
Yes. it immediately exposes a backchannel from the spam to the spammer,
thereby enabling a number of interesting security holes.
--j.
On Wed, May 27, 2009 at 05:25, Rob McEwen wrote:
> Jason Haar wrote:
>> Why can't SURBL be expanded to support
>> full URLs instead of just the hostname? That wa
On Tue, May 26, 2009 at 06:10:34PM -0700, John Hardin wrote:
> On Wed, 27 May 2009, Jason Haar wrote:
>
>> Why can't SURBL be expanded to support full URLs instead of just the
>> hostname? That way you could blacklist "a.bad.domain" as well as
>> "xttx://tinyurl . com/redirect-to-bad-domain"? S
Jason Haar wrote:
> Why can't SURBL be expanded to support
> full URLs instead of just the hostname? That way you could blacklist
> "a.bad.domain" as well as "xttx://tinyurl . com/redirect-to-bad-domain"?
> Some form of BASE64 encoding would be needed of course, but why not?
Because spammers could
John Hardin wrote:
>
> Sounds like a somewhat reasonable proposal to me.
>
Oh? I assumed someone else had thought of it before, and I was just
ignorant of the reasons against ;-)
> Better still, the tinyurl-esque services should vet the URLs people
> submit against SURBL...
>
They actually do. Whe
On Wed, 27 May 2009, Jason Haar wrote:
Why can't SURBL be expanded to support full URLs instead of just the
hostname? That way you could blacklist "a.bad.domain" as well as
"xttx://tinyurl . com/redirect-to-bad-domain"? Some form of BASE64
encoding would be needed of course, but why not?
I'd
Jonas Eckerman wrote:
> Hi!
>
> I just threw together a plugin that can check URLs for redirections,
> and add whatever they redirect to to the message meta-data so that the
> true destinations are checked by URIBLs etc...
I'm giving this a go and it looks good. I do wonder how companies l
Benny Pedersen wrote:
http://wiki.apache.org/spamassassin/WebRedirectPlugin
know this plugin ?
Yes. Though I hade forgotten it's name.
what is the diff in the testing ?
Reading the descriptions of the two plugins would have given you some
good hints. Reading the documentation (both have P
On Tue, May 26, 2009 17:37, Jonas Eckerman wrote:
> I just threw together a plugin that can check URLs for redirections, and
> add whatever they redirect to to the message meta-data so that the true
> destinations are checked by URIBLs etc.
http://wiki.apache.org/spamassassin/WebRedirectPlugin
k
Hi!
I just threw together a plugin that can check URLs for redirections, and
add whatever they redirect to to the message meta-data so that the true
destinations are checked by URIBLs etc.
It doesn't do this for all URLs in a message. I will only follow those
URLs it is specifically told to
12 matches
Mail list logo
