On 3/8/2011 4:46 PM, Yet Another Ninja wrote: > I'll never grasp why one would use one of those in mail.
Many legitimate social networks auto-generate shortened URLs. These then get copied into e-mails... sometimes in automated ways, sometimes via people copying a twitter post (or whatever) and then pasting that into an e-mail. Therefore, many of these make it into e-mails desired by recipients. At the same time, many of these URL shortening services are highly abused. For a while now, many of the most abused shorteners didn't have a very large footprint in legitimate mail. And the more legitimate services may have seemed to have much abuse, but really had a small amount in comparison to their legitimate uses. This made decisions to blacklist not that particularly difficult. As I understand it, what has occurred more recently is that some of the services which have a larger number of legitimate uses have had increasing amounts of abuse. In some cases, it seemed as though the abuse was flagrant... almost like the service felt it was "too big to list"... or maybe even was working with the spammers as partners in crime. Of course, I'm painting with broad strokes and not specifically mentioning any providers... but I think that is the context for understanding why SpamHaus felt that it was necessary to get more aggressive with blacklisting some of these services, even if some of those domains are found in legitimate e-mails. Now, with this other new zone, I think that Joseph Brennan when he stated that he could use this for scoring instead of blocking... for those redirectors which are heavily abused but have legit uses as well. -- Rob McEwen http://dnsbl.invaluement.com/ r...@invaluement.com +1 (478) 475-9032