Everything posted by HoggerJeff
Thanks for the assistance. I will abide by those rules with no problems. I do understand that browsers will not be able to resolve links with double "http://" in them, but perhaps the spammers are hoping some unsuspecting sucker sees that as well and deletes one in the address bar. That way they get around services like spamcop flagging their website, and they get their clicks to the site. Heck... that's what I would do as a spammer who knows how spamcop works....
Thanks for the reply and I will stop making the changes to the spam bodies. It seems kind of odd, but while I was making the changes to get the parser to recognize the links, every single one of them resolved to the same host isp with the same reporting addresses. Anyhow, one more thing - what about spam with NO body? The service won't accept an email if there is no body to it, but someone is still sending out spam. Is it fair to add a single character to the body to get the parser to send a report to the source of the spam, or is that also a no-no?
I have been receiving a lot of spam with "3D" tagged links that have the "http://" at the beginning twice. When I submit these emails for processing, the link is not resolved and no report is sent to the spammed website admin. Could the code be tweaked to catch something like this and remove the second "http://"? I have been doing that manually before I submit the email source for processing, but I'm willing to bet there are many who don't. Just so you can see what I mean, here's a munged copy of a line from a spam email I processed today: <A href=3D"http://http://BS.website.com/zess936.html">Click fast</A> It shouldn't be too difficult to filter something like this out and resolve the actual link...