Jump to content
Sign in to follow this  
cputerace

Follow TinyURL Redirection

Recommended Posts

If you dont know, TinyURL allows a long URL to be shortened to the form:

http://tinyurl.com/7tdqy

Spammers have started using this to mask their spammed URL.

Currently, TinyURL and its ISP get the spam reports.

How hard would it be to have the engine follow the redirect from tinyURL URL's it sees and instead report on the redirected URL?

-Mike

Share this post


Link to post
Share on other sites
How hard would it be

29977[/snapback]

I didn't write the code, but I'll assume it's not overly trivial without following the actual link, which could have embedded identifiers in it, which would verify your email address to the spammer. Plus, SC would then be dependent on contacting another server before it could process the spam.

Now, it's possible that SC could somehow set up a system with TinyURL whereby it could access the database without actually activating the link (i.e., spam server never knows). But that's another whole level of complexity. And as has been mentioned previously, finding the spamvertised website source is a secondary goal. If TinyURL gets annoyed, it can request that it not receive the reports.

Share this post


Link to post
Share on other sites

sorry to double post but,

from the TinyURL TOS:

Terms of use:

TinyURL was created as a free service to make posting long URLs easier. Using it for spamming or illegal purposes is forbidden and any such use will result in the TinyURL being disabled and you will be reported to all ISPs involved and to the proper governmental agencies. This service is provided without warranty of any kind.

so, they might actually be happy getting the report, and they say they'll deactivate and report appropriately. So even the spamsite has a spam friendly ISP that would leave the site up, killing the TinyURL would kill all the spammed links to the site, and be very effective in drying up the well, so to speak.

Edited by Jank1887

Share this post


Link to post
Share on other sites

I am still in favor of notifying redirection providers as well as actual webhosts, whether the redirection providers are yahoo, tinyurl, makeashorterlink, or anyone else.

Share this post


Link to post
Share on other sites
I am still in favor of notifying redirection providers as well as actual webhosts,

30040[/snapback]

me too, but if I remember correctly, yahoo and others haven't disguised the destination. It's still embedded in the redirect link, no? So a little string manipulation code gets you the actual destination. TinyURL doesn't have that, so you'll need to interact directly with them and their servers to make that happen, which sounds like a non-trivial task on many fronts.

Share this post


Link to post
Share on other sites
I am still in favor of notifying redirection providers as well as actual webhosts, whether the redirection providers are yahoo, tinyurl, makeashorterlink, or anyone else.

30040[/snapback]

Like snipurl.

Share this post


Link to post
Share on other sites
me too, but if I remember correctly, yahoo and others haven't disguised the destination.  It's still embedded in the redirect link, no?  So a little string manipulation code gets you the actual destination.  TinyURL doesn't have that, so you'll need to interact directly with them and their servers to make that happen, which sounds like a non-trivial task on many fronts.

30095[/snapback]

Or http://kuso.cc/

I'm the KUSO.CC webmaster :(

So far I had receive two messages from SpamCop

and it is the same problem on how to detect the mail spamer

using our service to short their URL :(

Share this post


Link to post
Share on other sites
Or http://kuso.cc/

I'm the KUSO.CC webmaster  :(

So far I had receive two messages from SpamCop

and it is the same problem on how to detect the mail spamer

using our service to short their URL  :(

31988[/snapback]

Is it possible to create an interface to allow spamcop easy access to the original link or something? If possible, you may want to contact the deputies<at>spamcop.net to see if they (Julian) are interested in such an interface. I would still expect you to receive a report about the use of your link in the spam, but it would allow reports to go to the actual host of the spam as well.

Share this post


Link to post
Share on other sites

How hard would it be to have the engine follow the redirect from tinyURL URL's it sees and instead report on the redirected URL?

I know that this topic is old, but I have been getting a lot of tinyurl spam lately. Recently (or maybe not so recently?) they added an option that allows you to to a reverse lookup rather than just blindly following the link. The url to get the reverse lookup is: http://tinyurl.com/preview.php?num=xxxxx where the xxxxx represents the tinyurl link. It would be trivial to scrape the resulting page for this address, though I doubt that spamcop wants to get into the scraping business.

For now, I resolve the url myself and manually add the host of the site to the "user" email field... is this a good idea?

Share this post


Link to post
Share on other sites
<snip>

For now, I resolve the url myself and manually add the host of the site to the "user" email field... is this a good idea?

...A couple of questions:
  • How do you determine the e-mail address of the host?
  • Do you add a note somewhere so that whoever reads the complaint knows why you are reporting to her/him?

Share this post


Link to post
Share on other sites
How do you determine the e-mail address of the host?

I run the un-obfuscated url through spamcop directly and cut-and-paste the contact email.

Do you add a note somewhere so that whoever reads the complaint knows why you are reporting to her/him?

D'oh! No, and I should have thought to do that!

Share this post


Link to post
Share on other sites
<snip>

How do you determine the e-mail address of the host?

<snip>

I run the un-obfuscated url through spamcop directly and cut-and-paste the contact email.

<snip>

...Sounds like you're on the right track!

...Follow-up question: how do you get from the parser output that results from running the url through SpamCop to the parse of the original spam to add the address? Two browser windows? If so, I see no problem with what you're doing. However, I would suggest you pass it by the SpamCop Deputies (deputies[at]admin.spamcop.net) to get their okay.

Share this post


Link to post
Share on other sites

I've seen a couple other redirectors being used...particularly geocities, linkshield, hyperurl, and redirx...in order to "hide" the spamvertized URLs....but I think most of these URL services probably take removal requests more seriously than the spamvertized site hosts themselves; I mean how many reports have you sent to contact addresses in China/Japan/Russia/Romania...? They are still alive ;)

From my reporting experience, GeoCities seems to take down pages within 12 hours of notice (give or take, on the weekends...)

Google is touchy, they don't take abuse reports via e-mail, but have had good success reporting and removing GooglePages spam using the form at http://www.google.com/support/pages/bin/re...pe=abuse_spam...

Who knows, maybe someone could make a java scri_pt bookmarklet that could auto-fill in the Name, Address fields, leaving us to only need to fill in the URL and paste-in of the full headers...?

Blogspot blogs also appear in spam on ocassion, for them, they want reports filed at http://help.blogger.com/?page=troubleshoot...Submit=Continue - far simpler form than the GooglePages form ;)

If you are interested in reporting spamvertized domains - you will probably have better luck using the Complainterator program over at complainterator.com - which allows complaining directly to the registrar and name servers allowing these domains access on the Internet.

Share this post


Link to post
Share on other sites

Follow-up question: how do you get from the parser output that results from running the url through SpamCop to the parse of the original spam to add the address? Two browser windows? If so, I see no problem with what you're doing. However, I would suggest you pass it by the SpamCop Deputies (deputies[at]admin.spamcop.net) to get their okay.

Somehow I missed your message, so sorry for the late reply.

Yes, I was using two tabs - one for running the "resolved" addresses through and one for the actual spam. Lots of cutting and pasting :)

Since that flurry that I had, I haven't had any more spams with tinyurl redirects, so I haven't emailed the deputies - but I will take your advice and do that if they start up again.

Thanks!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×