January 23rd, 2007


url blacklists

One of the most useful antispam techniques of late has been the "URL blacklist". This compares all URLs found within a message body against one or more global lists of URLs that are related to spam. SpamAssassin uses several such blacklists together and performs very well.

Recently I have seen a couple of messages leak through my filters that contain text such as this:

http://www.px555*com ( Do not forget to replace "*" with "." )

Another one used a different instruction like "remove the * from the middle". Looks like SpamAssassin needs to implement a more relaxed check for spammy urls.

But really, who is it that keeps buying stuff from these spammers even with such anti-anti-spam measures in place? What kind of person thinks these are legitimate businesses with the customer's best interests in mind?