Agreed. I'd wager most spammers don't have access to the nameservers where they host, except perhaps the larger ones. Excluding the subdomain from the hash would make the system even more effective - if you hashed "spamdomain.biz" the only way the spammer is going to get around that is by buying another domain, with the associated real World costs.
Daz > -----Original Message----- > From: Aleksander Adamowski > [mailto:[EMAIL PROTECTED] > Sent: 25 March 2004 12:46 > To: Justin Mason > Cc: John Andersen; [EMAIL PROTECTED] > Subject: Re: New Habeas information (on behalf of Des Cahill) > > > Justin Mason wrote: > > >Hey, I've been hoping would set something like this up for > *years*. ;) > >Simply hash up the URL -- or just take out the domain part -- > >and do an RHSBL lookup on it. All it needs is a server, > >it'd be trivial to look it up from SpamAssassin. > > > > > I suggest hashing up only the *domain part* of URL, otherwise > different > hashes will be resulting from those URLs: > http://spamdomain.biz/offer.php?randomstring=249asjkq73894q893 http://spamdomain.biz/offer.php?randomstring=12kj3h1k http://[EMAIL PROTECTED]/offer.php http://randomuserASRS543:[EMAIL PROTECTED]/offer.ph p Randomising a domain is much harder, as it requires support on the nameserver side: http://ve63n.spamdomain.biz/offer.php http://w3g8l.spamdomain.biz/offer.php -- Best Regards, Aleksander Adamowski GG#: 274614 ICQ UIN: 19780575 http://olo.ab.altkom.pl
