Jump to content

Fooling spam prevention systems


DaFoX

Recommended Posts

Posted

Don't know if this been up before, but i've noticed some spamers are able to avoid URIBL, SpamCop and some other systems by fiddling with dns data, for example

www.yourworldtoprx.com

www.hotdrugstorelive.com

www.thetoppillsinternet.com

these have 3 urls have 3 registerd dns servers. the 2 first are reporting correct ip, and the third dns server are reporting a non existing ip, (101.34.2.197) . the third url also seems to block lookups from some ip's :/...

so when you try to report a mail with such url to spamcop it will only say

Tracking link: htt p://ww w.thetopp illsinternet.co m/

No recent reports, no history available

Cannot resolve ht tp://w ww.thet oppillsinternet.co m/

Posted
Don't know if this been up before, but i've noticed some spamers are able to avoid URIBL, SpamCop and some other systems by fiddling with dns data,

over and over and over, for a number of years .... A number of FAQ entries on the SpamCop FAQ here that deal with "Resolving" issues. Not even going to try to guess at the previous Topics, Discussions, and Posts in multiple Forum sections here that deal with this issue.

Posted
Ok. Old News.. i get it,. i just thought it was a weakness, if it's the only thing needed to escape blacklisting

The SpamCopDNSBL does not deal with URLs, only the source IP addresses of the spew.

There are other BLs that deal with URLs, hosts, ISPs, and such ....

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...