link not detected properly because of '@'

[raivac]

Hi,

in last received spams, they use a special form of link which is not detected properly by spamcop because of the '@':

https://moncourtier.fr%2F@r.lodibi.fr

the real link is r.lodibi.fr/

reportid=7330379815

Thierry

[Lking]

None of use can access the 'reportid'  Please provide the related TRACKING URL It can be found at the top of the page, looking like:

Quote

Here is your TRACKING URL - it may be saved for future reference:
https://www.spamcop.net/sc?id=z6896544827z9ed126fec57cf97367e56cfb77357d66z

That way we can see the issue you raised, in context. Thanks

[raivac]

sorry,

 

https://www.spamcop.net/sc?id=z6896546395zfa0942472bdfceaa8d2f809a61a6aadfz

[petzl]

23 minutes ago, raivac said:

sorry,
https://www.spamcop.net/sc?id=z6896546395zfa0942472bdfceaa8d2f809a61a6aadfz

Seems correct OVH is correct, whether they bother maybe 

[gnarlymarley]

I can kind of see what you mean where some browsers try split at the "@" because they think the "%2F" is part of the username and not a "/". I didn't find anything in rfc3986 relating to the %2F being part of the userinfo section.

Firefox warning:

You are about to log in to the site “r.lodibi.fr” with the username “moncourtier%2Efr%2F”, but the website does not require authentication. This may be an attempt to trick you.

Is “r.lodibi.fr” the site you want to visit?


[raivac]

yes, firefox warns (thanks to him)

chromium doesn't warn an goes directly to “r.lodibi.fr”

didn't tried with Edge

spamcop only see "moncourtier.fr' and wants to report to ovh, but the real network (“r.lodibi.fr”) is from google-cloud-compliance