On Tue, 3 Jul 2007, Matt wrote: > Why can't Spamassassin do like a MD5 hash of any URL's in a > message and check them against a database? I just think it would > help catch things like: geocities.com/spamer123/ or > spamer123.tripod.com and etc.
Too easy to defeat using a URI with random parameters pointing to a PHP et. al. page that ignores parameters (assuming you include parameters in the hash) or via wildcard DNS using random third- or fourth-level hostnames. -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- It there a Special Olympics for terrorists going on in the UK this week? -- Bruce Schneier, 07/02/2007 ----------------------------------------------------------------------- Tomorrow: The 231st anniversary of the Declaration of Independence
