On Mon, Aug 22, 2011 at 2:02 PM, Daniel Feenberg <feenberg(_at_)nber(_dot_)org>
wrote:
On Mon, 22 Aug 2011, Martijn Grooten wrote:
URL shorteners (bit.ly, goo.gl, tinyurl.com etc.) have become popular in
recent years for rather obvious reasons. They are being used by spammers for
equally obvious reasons - both in email and on other platforms (e.g.
Twitter).
A filter that checks URLs/domains against a blacklist will either miss the
bad domains hidden behind the shorteners or, if they blacklist the
shortener, find itself blocking legitimate messages. Do Not Use
(third-party) URL Shorteners is sound advice to those sending email, but
it's not going to stop random users from copying shortened URLs from Twitter
or Facebook and pasting them into emails and shortened URLs are unlikely to
stop featuring on Twitter.
Is there some reason the spam filter can't just send a head request to
bit.ly and find out the destination URL? That wouldn't require any
cooperation among the various parties to this potential transaction, and
cooperation is always in short supply in this field.
Bit.ly allows you to add a "+" to the end of a shortened URL to see
where it goes and to also see some stats regarding the URL. Picking a
random URL from Google News, try this.... http://bit.ly/ovrbAu+. My
understanding is that a number of other well known shortener providers
have followed suit.
Mike
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg