>-----Original Message----- >From: Jeff Chan [mailto:[EMAIL PROTECTED] >Sent: Tuesday, March 22, 2005 7:23 AM >To: [email protected]; SURBL Discuss >Subject: Re: ZDNET redirecting to spammer websites? > > >On Tuesday, March 22, 2005, 4:13:33 AM, Bobby Rose wrote: >> Even though zdnet.com shouldn't be in SURBL, wouldn't having >> chkpt.zdnet.com (the actually site doing the redirect) be in SURBL? > >Good thought, but there are two problems with that: > >1. SURBLs usually list only registered domains like zdnet.com >and not subdomains. Obviously we're not going to blacklist >zdnet.com; it has too many legitimate uses. > >2. Similarly we can't list chkpt.zdnet.com. It's being abused, >but it clearly has legitimate uses too. >
C&C warning. I agree with Jeff :) However I don't agree with a new mechanism in SA for scanning being the solution. ZDnet needs to shut this down and secure it. End of story. Even with a simple rule for SA you can tag it, but that doesn't help the people who don't use SA and will be fooled into installing malware thru this redirect. It has to be fixed. Its already been too long. --Chris
