DaFoX Posted August 14, 2007 Posted August 14, 2007 Don't know if this been up before, but i've noticed some spamers are able to avoid URIBL, SpamCop and some other systems by fiddling with dns data, for example www.yourworldtoprx.com www.hotdrugstorelive.com www.thetoppillsinternet.com these have 3 urls have 3 registerd dns servers. the 2 first are reporting correct ip, and the third dns server are reporting a non existing ip, (101.34.2.197) . the third url also seems to block lookups from some ip's :/... so when you try to report a mail with such url to spamcop it will only say Tracking link: htt p://ww w.thetopp illsinternet.co m/ No recent reports, no history available Cannot resolve ht tp://w ww.thet oppillsinternet.co m/
Telarin Posted August 14, 2007 Posted August 14, 2007 Reporting of URLs is a secondary goal for spamcop (and in the vast majority of cases serves no purpose). If you want to work on getting spammer websites shut down, I would suggest these two resources: TheCarPCStore.com Kill Spammers Forums Knujon.com
Wazoo Posted August 14, 2007 Posted August 14, 2007 Don't know if this been up before, but i've noticed some spamers are able to avoid URIBL, SpamCop and some other systems by fiddling with dns data, over and over and over, for a number of years .... A number of FAQ entries on the SpamCop FAQ here that deal with "Resolving" issues. Not even going to try to guess at the previous Topics, Discussions, and Posts in multiple Forum sections here that deal with this issue.
DaFoX Posted August 14, 2007 Author Posted August 14, 2007 Ok. Old News.. i get it,. i just thought it was a weakness, if it's the only thing needed to escape blacklisting
Wazoo Posted August 14, 2007 Posted August 14, 2007 Ok. Old News.. i get it,. i just thought it was a weakness, if it's the only thing needed to escape blacklisting The SpamCopDNSBL does not deal with URLs, only the source IP addresses of the spew. There are other BLs that deal with URLs, hosts, ISPs, and such ....
Recommended Posts
Archived
This topic is now archived and is closed to further replies.