On Sat, 11 Jul 2009, Jason L Tibbitts III wrote:
I still wonder, though, if we shouldn't be turning these back into hostnames and looking them up in the regular URI blacklists....
Given the obvious objections to having the primary URIBL mechanism try to parse obfuscations, I once again question why we cannot have some sort of mechanism for 'capturing' the values of ordinary tests (such as the overly comnplex rule to catch these uribl obfuscations) and then have that value to manually feed to another test? There would be some interesting details to such a thing, for instance, if a rule matches more than one obfuscated URI, the 'capture' mechansim would have to somehow 'deliver' each captured value as an iteration of any check/test that included it....
But for cases like this URI stuff, something 'flexible' is needed.... - Charles
