URL shorteners (bit.ly, goo.gl, tinyurl.com etc.) have become popular in recent
years for rather obvious reasons. They are being used by spammers for equally
obvious reasons - both in email and on other platforms (e.g. Twitter).

A filter that checks URLs/domains against a blacklist will either miss the bad
domains hidden behind the shorteners or, if they blacklist the shortener, find
itself blocking legitimate messages. "Do Not Use (third-party) URL Shorteners" is
sound advice to those sending email, but it's not going to stop random users
from copying shortened URLs from Twitter or Facebook and pasting them into
emails, and shortened URLs are unlikely to stop featuring on Twitter.

Telling those providing shorteners to check URLs against blacklists is also a good
idea - and probably necessary for them to stop ending up on blacklists
themselves - but if a filter happens to prefer a different blacklist it doesn't
help much. (I also don't know if checks are made every time someone clicks on
the link or just when the shortened URL is generated.)

So I was wondering if it would help if shorteners published the URLs in a DNS
TXT record. As the path of a shortened URL usually consists of lowercase,
uppercase letters and numbers, the uppercase letters need to be encoded, e.g.
by preceding them with an underscore. So for instance to look up the URL behind
http://bit.ly/gkP0H
would require a lookup of the TXT record for
gk_p0_h._short.bit.ly

Now I don't know if this is something that would actually help those developing
spam-/content-filters. Doing an HTTP lookup to determine the URL isn't exactly
rocket science - though intuitively, it seems more 'natural' to use DNS,
especially if that's what is used for the URL blacklist lookup.

Nor do I know if this would be something that would interest those providing
shortening services. As it would allow browsers to avoid making an HTTP request
to their services, it would mean they would stop having reliable click-through
statistics which, I guess, are a source of revenue to them.

But I thought I'd post it here anyway as perhaps it is useful. In which case
I'm sure it can be improved upon.

Martijn.
Virus Bulletin Ltd, The Pentagon, Abingdon, OX14 3YP, England.
Company Reg No: 2388295. VAT Reg No: GB 532 5598 33.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
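
The name mapping proposed in the message above, as an added example that is not part of the original post and not any shortener's actual service: the `_short` label and the underscore-before-uppercase encoding follow the post, while the function names, the inverse mapping and the 63-octet label check are assumptions added here. No DNS query is made; the code only builds the name a filter would look up.

```python
import string
from urllib.parse import urlsplit

ALNUM = set(string.ascii_letters + string.digits)
MAX_LABEL = 63  # maximum length of a single DNS label (RFC 1035)

def encode_path(path):
    """Lowercase the short code, marking each original uppercase letter with '_'."""
    if not path or not set(path) <= ALNUM:
        raise ValueError("short code must be non-empty ASCII letters/digits")
    label = "".join("_" + c.lower() if c.isupper() else c for c in path)
    if len(label) > MAX_LABEL:
        # Encoding can double the length, so long mixed-case codes may not fit.
        raise ValueError("encoded label exceeds 63 octets")
    return label

def decode_label(label):
    """Inverse of encode_path. DNS names compare case-insensitively, so fold first."""
    out, chars = [], iter(label.lower())
    for c in chars:
        if c == "_":
            nxt = next(chars, None)
            if nxt is None or nxt not in string.ascii_lowercase:
                raise ValueError("'_' must be followed by a letter")
            out.append(nxt.upper())
        elif c in ALNUM:
            out.append(c)
        else:
            raise ValueError("unexpected character %r" % c)
    return "".join(out)

def txt_query_name(short_url):
    """Map a shortened URL to the TXT record name a filter would query."""
    parts = urlsplit(short_url)
    host = (parts.hostname or "").lower()
    if not host:
        raise ValueError("no host in URL")
    return "%s._short.%s" % (encode_path(parts.path.lstrip("/")), host)

if __name__ == "__main__":
    # The example URL from the post.
    print(txt_query_name("http://bit.ly/gkP0H"))
```

Because resolvers and caches may change the case of a query name, the encoding has to survive case folding, which is why `decode_label` lowercases its input before reversing the mapping.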