On 3/12/19 8:10 AM, Pedro David Marco wrote:
may i ask your opinion about how strong you score links that use HTTPS in the anchor but really go to HTTP ...
I don't have an opinion, but I do have a question:Are you referring to the text between the opening and closing anchor tags indicating "https://"; yet the actual href value being "http://";?
I would love to score them heavily but....
I can see the value in applying some score to such a discrepancy. But I wouldn't deduct from the score for (matching) "https://";.
It's been my experience that undesirables are more likely to adopt good technologies (like HTTPS) than desirableness. I think they do so partially in hopes that people will deduct from the spam score and thus gain more of a spam score budget to work with.
I am finding them very oftenly in newsletters and notifications from big manufacturers (among HTML errros, MIME errors, etc. in a great paradox because they "sell" email security and according to Gartner they are the "Masters of the Universe").
Ya. I've been known to send comments to the Postmaster and / or list administrator for things like that. Sometimes the generic "Contact Us" form on the website if it's a company I care about at all. It's usually a "Hi, you have <bla> problem. Please contact me at <details> if you'd like to know more." Sometimes I get a follow up email, sometimes I don't. I will say, that any time I do get a follow up email, the person on the other end is usually quite grateful for the notification.
It comes down to people don't know what's broken and as such can't fix it. Once they learn what's broken, they can prioritize fixing it as the business necessitates.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
