LAArt Posted January 30, 2004 Share Posted January 30, 2004 The URL below doesn't parse properly. Not sure if parser thinks it's a redirect, or if the handoff isn't seen. http://my.netzero.net/s/lc?s=140591&u=http...om/auto2/?iybrd Link to comment Share on other sites More sharing options...
Jeff G. Posted January 30, 2004 Share Posted January 30, 2004 This certainly appears to be a redirect that the parser doesn't recognize: Parsing input: http://my.netzero.net/s/lc?s=140591&u=http...om/auto2/?iybrd host 64.136.21.230 = my.nyc.netzero.net (cached) No recent reports, no history available [report history] Resolves to 64.136.21.230 Routing details for 64.136.21.230 Report routing for 64.136.21.230: spamdesk[at]support.juno.com Statistics: 64.136.21.230 not listed in bl.spamcop.net More Information.. 64.136.21.230 not listed in dnsbl.njabl.org 64.136.21.230 not listed in dnsbl.njabl.org 64.136.21.230 not listed in cbl.abuseat.org 64.136.21.230 not listed in dnsbl.sorbs.net 64.136.21.230 not listed in relays.ordb.org. Reporting addresses: spamdesk[at]support.juno.com Link to comment Share on other sites More sharing options...
Wazoo Posted January 31, 2004 Share Posted January 31, 2004 The URL below doesn't parse properly. Not sure if parser thinks it's a redirect, or if the handoff isn't seen. http://my.netzero.net/s/lc?s=140591&u=http...om/auto2/?iybrd Based on what I see, why would you think that it redirects? Ahhh, it looks totally different in quoted window ..... Ok, I'm going to go on a totally different tack here ... The current IE exploit of the non-printable character may be an issue here. If so, then there's also an issue with the translation of code you cut/pasted into this post, the way this app translates it, and the way it gets handled on this screen (IE6sp1all-patches, etc) .... What I see in the posted link (in the quote box) includes the section ....?iybrd]http: ..... In the exploit, the "]" would be the non-printable character. I thiink I'd rather see the "real" code, which of course, would include the full headers to see what you actually received, vice what I think I'm seeing after too many translations ... and to see a "real" copy, it looks like a referral back to the NNTP side of the house is going to be required, specifically, posting the spam over in spamcop.spam .... Yes, I know, not an answer, but you have perhaps opened up another "problem" area <g> Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.