On 03/25/2011 04:59 AM, Matus UHLAR - fantomas wrote: > Are there REALLY that MANY massmailers that can not post > valid URL's? Something is rotten in the state od Denmark...
Yes. Here is an example of ham in this category (obfuscated from an opt-in newsletter I received a few days ago): > .. you can do so on my website at: www.example.org > [http://r20.rs6.net/tn.jsp?llr=t3gsdecfb&et=1204949082340&s=635&e=001QT_SegTbXU1N7K_IcTndRqXABrEhqSbxbIYhGmFwcCswh8kkaQwhQAma4PuTWPg1awoSp0UNBpvRfUEVliJItwZU4La1KsxUcV_nET7t-EcK0AEUgxApBBjsSLSUbjQZ4HxS17k1-0U=] > or in the mail at ... This is not uncommon. I've seen it in surveys sent as follow-ups to orders, in newsletters, in "ha ha you didn't opt out" ads from companies I previously had business with, and I'm sure a few other examples. Shortened URLs are also used for this. (I've never understood why they don't use a hash table for those tracking URLs so that they don't get truncated...) >> On 23/03/2011 4:36 PM, Adam Katz wrote: >>> Even with such a mechanism in place, it unduly penalizes the >>> little guys. On 03/25/2011 05:00 AM, Matus UHLAR - fantomas wrote: > even little guys should be able to send correct URLs Those are correct URLs. They merely track subscriber clicks in order to get statistics and report them back to their customer (the newsletter organizer or sales company). > On 23.03.11 16:42, Lawrence @ Rogers wrote: >> Agreed. It's just one of those impractical things and just ain't >> worth the effort. > > you have never received phishing attack of your domain, did you? If you intend this to target phishing, I would propose going the other direction with it -- instead of needing to whitelist the hundreds to thousands of sites that might do link tracking or another form of redirection, go the other way and mark popular phishing targets for this scan. Another option is to use a shortened URL detector and a bulk mail detector (like __NOT_A_PERSON) to cleanse the results, though I still think it would be clunky and FP-ridden.
signature.asc
Description: OpenPGP digital signature
