Obviously, bit.ly cares about making sure that spammers don’t abuse their service. The third is Sophos, an innovative security service whose behavioral-analysis technology goes beyond blacklists, to proactively detect spam and malware. Websense will analyze the web content behind bit.ly links in real time, using heuristic tools and reputation data to flag spammy URLs, malicious content and phishing sites. The second is the Websense Threatseeker Cloud service, which we’ll be adding to our arsenal of anti-spam tools. The iDefense blacklist includes URLs, domains, and IP addresses which host exploits, malicious code, command and control servers, drop sites and other nefarious activity. The iDefense system is focused on detecting and defeating malware. The first is VeriSign’s iDefense IP reputation service. They fight abuse this is straight off their blog: It is true that bit.ly is abused and that there are URL shorteners that either are set up for spamming, or don’t do a good job of abuse mitigation, but bit.ly is not among them. The vast majority of links in bit.ly are legitimate. Their own documentation says that you shouldn’t use that zone to block outright, you should use as a weight in the spam filter.īut even then, using bit.ly as a weight in a content filter will be prone to false positives. However, they are not listed in DBL’s “block” zone but in their “URL shortener” zone. One reason that Spamhaus lists bit.ly on their DBL is because they are seen in so much spam. Naive use of URL shorteners in your email will send it to the spam folder. Nor is it unique to SpamHaus: many other spam filters, public and private, are starting to treat common URL shorteners with suspicion. This isn’t unique to bit.ly: many other URL shorteners have similar problems- j.mp, su.pr, and others. All this means that emails that contain bit.ly URLs are increasingly likely to have serious delivery problems. They’re listed in the DBL-SpamHaus’s newish domain based blacklist, intended for content-based filtering of email. They’re listed on the SBL multiple times. SpamHaus on bit.lyīit.ly have been on SpamHaus’s radar for quite a while. Now being “totally owned” by the Canadian Pharmacy gang, thousands of URLs being spammed with very slow takedowns.Not good. Inevitably, URL shorteners that are persistently abused by spammers (especially those where that’s done with the support of the URL shortener operator) start to be seen as a sign of spam, and email that uses them will be treated with suspicion by content-based spam filters and often sent to the spam folder.īit.ly is probably the highest profile URL shortener, so it’s the one you’ll most likely see people trying to use in email. And, in just the same way, spammers quickly found that they were a good way to avoid content-based filters or to hide a suspicious looking target URL. Making URLs shorter was their original role, and it’s why they’re so common in media where the raw URL is visible to the recipient-instant messaging, twitter and other microblogs, and in plain text email where the “real” URL won’t fit on a single line.įrom the moment they were invented they’ve been used to trick people to click on links to pages they’d rather not visit, from musical classics to less tasteful content. URL shorteners, like bit.ly, moby.to and, do three things:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |