Fred Bacon said: > I was looking at the contents of a piece of spam this morning, when I > saw something I've never seen before. I'm sure that its been around for > some time, but I'm interested to know how this actually works. > > My guess is that the second address is the one used, but I'm not certain > why it works. Is it taking advantage of a quirk or a feature of html? > > href="http://srd.yahoo.com/drst/microword/*http://www.qt323dss.com/ma/"; > > -- > Fred Bacon <[EMAIL PROTECTED]> > Aerodyne Research, Inc.
A feature of Yahoo, in fact. Yahoo will send a redirect when it gets an http request like that. It has legitimate uses, but is widely used by spammers. Yahoo should really lock it down somehow. See a previous discussion (Thread: "Abused Redirector URLs ?") here: http://www.mail-archive.com/cgi-bin/htsearch?method=and&format=short&config=spamassassin-talk_lists_sourceforge_net&restrict=&exclude=&words=Abused+redirector+URLs -- Chris Thielen Easily generate SpamAssassin rules to catch obfuscated spam phrases: http://www.sandgnat.com/cmos/ ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
