On Thu, 5 Jul 2007, Kelson wrote: > > On Tue, 3 Jul 2007, Matt wrote: > > > >> Why can't Spamassassin do like a MD5 hash of any URL's in a > >> message and check them against a database? I just think it would > >> help catch things like: geocities.com/spamer123/ or > >> spamer123.tripod.com and etc. > > The concept might still be useful for specific known "grey" hosts > with a mix of legit sites and spam sites -- geocities, tripod, > blogspot, etc. --where the URL patterns are known. If you know > the pattern is account.example.com, or example.com/account, then > throw away the rest of the URL and list/lookup the base pattern.
True. The plugin doing the analysis would have a list of domains and slice points (how much of the URL to discard before hashing). I presume the MD5 sum would be checked via a DNS lookup? That would be the only way to get a reasonable response time for new URLs to block. -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- If someone has a gun and is trying to kill you, it would be reasonable to shoot back with your own gun. -- the Dalai Lama, May 15, 2001 ----------------------------------------------------------------------- 2 days until Robert Heinlein's 100th birthday
