
[Asrg] URL shorteners, spam and DNS

2011-08-22 11:35:25
URL shorteners (bit.ly, goo.gl, tinyurl.com etc.) have become popular in recent 
years for rather obvious reasons. They are being used by spammers for equally 
obvious reasons - both in email and on other platforms (e.g. Twitter).

A filter that checks URLs/domains against a blacklist will either miss the bad 
domains hidden behind the shorteners or, if they blacklist the shortener, find 
itself blocking legitimate messages. Do Not Use (third-party) URL Shorteners is 
sound advice to those sending email, but it's not going to stop random users 
from copying shortened URLs from Twitter or Facebook and pasting them into 
emails and shortened URLs are unlikely to stop featuring on Twitter.

Telling those providing shorteners to check URLs against blacklists is also a good 
idea - and probably necessary for them to stop ending up on blacklists 
themselves - but if a filter happens to prefer a different blacklist it doesn't 
help much. (I also don't know if checks are made every time someone clicks on 
the link or just when the shortened URL is generated.)

So I was wondering if it would help if shorteners published the URLs in a DNS 
txt record. As the path of a shortened URL usually consists of lowercase, 
uppercase letters and numbers, the uppercase letters need to be encoded, e.g. 
by preceding them with an underscore. So for instance to look up the URL behind

  http://bit.ly/gkP0H

would require a lookup of the TXT record for

  gk_p0_h._short.bit.ly

Now I don't know if this is something that would actually help those developing 
spam-/content-filters. Doing an HTTP lookup to determine the URL isn't exactly 
rocket science - though intuitively, it seems more 'natural' to use DNS, 
especially if that's what is used for the URL blacklist lookup.

Nor do I know if this would be something that would interest those providing 
shortening services. As it would allow browsers to avoid making an HTTP request 
to their services, it would mean they would stop having reliable click through 
statistics which, I guess, are a source of revenue to them.

But I thought I'd post it here anyway as perhaps it is useful. In which case 
I'm sure it can be improved upon.

Martijn.



Virus Bulletin Ltd, The Pentagon, Abingdon, OX14 3YP, England.
Company Reg No: 2388295. VAT Reg No: GB 532 5598 33.
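
The lookup-name encoding proposed in the message above, as an added example that is not part of the original post: it builds the TXT query name for a shortened URL and reverses the encoding. The function names, the rejection of any path character outside letters and digits, and the 63-byte label check are assumptions made here; the message does not specify them, nor the content of the TXT record.

```python
import string
from urllib.parse import urlsplit

ZONE_LABEL = "_short"   # label taken from the example in the message
MAX_LABEL = 63          # DNS limit on the length of a single label
ALLOWED = set(string.ascii_letters + string.digits)
LOWER_DIGITS = set(string.ascii_lowercase + string.digits)


def encode_path(path: str) -> str:
    """Escape each uppercase letter as '_' + lowercase, so the label still
    identifies the path after DNS case-insensitive matching."""
    if not path or not set(path) <= ALLOWED:
        # Assumption: a literal '_' (or anything else outside A-Za-z0-9)
        # is rejected, since it would make the escape ambiguous.
        raise ValueError(f"unsupported short path: {path!r}")
    label = "".join("_" + c.lower() if c.isupper() else c for c in path)
    if len(label) > MAX_LABEL:
        raise ValueError("encoded path does not fit in one DNS label")
    return label


def decode_label(label: str) -> str:
    """Inverse of encode_path. Case-folds first, because a resolver or
    cache may hand the name back in any case."""
    out, chars = [], iter(label.lower())
    for c in chars:
        if c == "_":
            nxt = next(chars, "")
            if nxt not in string.ascii_lowercase or nxt == "":
                raise ValueError(f"bad escape in label: {label!r}")
            out.append(nxt.upper())
        elif c in LOWER_DIGITS:
            out.append(c)
        else:
            raise ValueError(f"unexpected character in label: {label!r}")
    return "".join(out)


def txt_qname(short_url: str) -> str:
    """Build the TXT query name for a shortened URL."""
    parts = urlsplit(short_url)
    if not parts.hostname:
        raise ValueError("no host in URL")
    label = encode_path(parts.path.lstrip("/"))
    return f"{label}.{ZONE_LABEL}.{parts.hostname}"
```

A filter would pass the result of `txt_qname()` to its resolver and then check the returned target against its own blacklist.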