On Tue, May 26, 2009 at 06:10:34PM -0700, John Hardin wrote:
On Wed, 27 May 2009, Jason Haar wrote:
Why can't SURBL be expanded to support full URLs instead of just the
hostname? That way you could blacklist a.bad.domain as well as
xttx://tinyurl . com/redirect-to-bad-domain? Some form of
Yes. it immediately exposes a backchannel from the spam to the spammer,
thereby enabling a number of interesting security holes.
--j.
On Wed, May 27, 2009 at 05:25, Rob McEwen r...@invaluement.com wrote:
Jason Haar wrote:
Why can't SURBL be expanded to support
full URLs instead of just the
On Wednesday, May 27, 2009, 1:39:11 AM, Justin Mason wrote:
Yes. it immediately exposes a backchannel from the spam to the spammer,
thereby enabling a number of interesting security holes.
--j.
Yes, it's impractical for some of the reasons Rob mentions, and
it would also allow any of the
On Tuesday, May 26, 2009, 6:20:13 PM, Jason Haar wrote:
John Hardin wrote:
Better still, the tinyurl-esque services should vet the URLs people
submit against SURBL...
They actually do. When I was trying to test Jonas URLredirect plugin, it
was actually hard to get tinyurl.com to generate a
On 5/27/2009 11:00 AM, Jeff Chan wrote:
On Tuesday, May 26, 2009, 6:20:13 PM, Jason Haar wrote:
John Hardin wrote:
Better still, the tinyurl-esque services should vet the URLs people
submit against SURBL...
They actually do. When I was trying to test Jonas URLredirect plugin, it
was
Hi!
I just threw together a plugin that can check URLs for redirections, and
add whatever they redirect to to the message meta-data so that the true
destinations are checked by URIBLs etc.
It doesn't do this for all URLs in a message. I will only follow those
URLs it is specifically told to
On Tue, May 26, 2009 17:37, Jonas Eckerman wrote:
I just threw together a plugin that can check URLs for redirections, and
add whatever they redirect to to the message meta-data so that the true
destinations are checked by URIBLs etc.
http://wiki.apache.org/spamassassin/WebRedirectPlugin
Benny Pedersen wrote:
http://wiki.apache.org/spamassassin/WebRedirectPlugin
know this plugin ?
Yes. Though I hade forgotten it's name.
what is the diff in the testing ?
Reading the descriptions of the two plugins would have given you some
good hints. Reading the documentation (both have
Jonas Eckerman wrote:
Hi!
I just threw together a plugin that can check URLs for redirections,
and add whatever they redirect to to the message meta-data so that the
true destinations are checked by URIBLs etc...
I'm giving this a go and it looks good. I do wonder how companies like
On Wed, 27 May 2009, Jason Haar wrote:
Why can't SURBL be expanded to support full URLs instead of just the
hostname? That way you could blacklist a.bad.domain as well as
xttx://tinyurl . com/redirect-to-bad-domain? Some form of BASE64
encoding would be needed of course, but why not?
I'd
John Hardin wrote:
Sounds like a somewhat reasonable proposal to me.
Oh? I assumed someone else had thought of it before, and I was just
ignorant of the reasons against ;-)
Better still, the tinyurl-esque services should vet the URLs people
submit against SURBL...
They actually do. When I
Jason Haar wrote:
Why can't SURBL be expanded to support
full URLs instead of just the hostname? That way you could blacklist
a.bad.domain as well as xttx://tinyurl . com/redirect-to-bad-domain?
Some form of BASE64 encoding would be needed of course, but why not?
Because spammers could easily
12 matches
Mail list logo