[Spambayes] More "spam of the future" lately?
Charles Cazabon
python-spambayes at discworld.dyndns.org
Wed Dec 17 09:19:51 EST 2003
Matthew Dixon Cowles <matt at mondoinfo.com> wrote:
> [spidering URLs in unsure messages]
>
> > My biggest concern here would be verifying my e-mail address to all
> > the spammers. By retrieving the content of a link in order to
> > classify it, you have performed the same operation as clicking on
> > it and have thus triggered any "web bug" attached to that link in
> > the form of an identifying query parameter.
>
> The code I use strips off a question-mark and the CGI parameters that
> follow it and an at-sign and the username and password fields that
> precede it in an effort to avoid send identifying data.
Insufficient: web bug links (not just from spammers) frequently encode the
unique identifier in ways other than with a query string:
http://host.example.org/dir/script/uniqueid/otherparameter
etc. The OP is right; no matter how much you munge the URL, following it is a
possible information leak.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <python-spambayes at discworld.dyndns.org>
GPL'ed software available at: http://www.qcc.ca/~charlesc/software/
-----------------------------------------------------------------------
More information about the Spambayes
mailing list