On Thu, Jan 06, 2011 at 07:05:05AM -1000, Warren Togami Jr. wrote: > On Wed, Jan 5, 2011 at 2:41 AM, Warren Togami Jr. <wtog...@gmail.com> wrote: > > > The only trouble here is HTTP's TCP handshake and teardown is significantly > > slower than DNSBL and URIBL lookups already used in spamassassin. My > > average scan time is less than one second. A plugin that catches the 1% of > > URL shortening spam is only worthwhile if it doesn't slow down your mail > > scanning considerably. Doing the HTTP query asynchronously would help, but > > I fear that this could easily add several seconds per mail. > > > > Warren > > > > Another problem... spammers could intentionally max out the number of > shortener URL's per spam. The URL's don't even have to be real. Any random > garbage after the domain name will trigger a HTTP get, and render the local > cache useless. HTTP get could happen dozens or hundreds of times a minute > until the shortening service decides to block the spamassassin IP.
There are lots of plugins out there that aren't part of the core for one reason or another. If you ask me, this is one of them. It just asks trouble widely used. It's not the only way to solve the problem anyway. And the problem itself is somewhat "temporary" in nature, just like image spam was etc.
