Menu

#2 3 new URL related features.

open
nobody
None
5
2005-01-03
2005-01-03
No

Hi,

here are a 3 new URL related features I would really
like to have in SpamDot :

- The "add host" window could have a Checkbox that let
us use the full url instead of just the default page in
the domain (should be unchecked by default). BTW, the
"add host" window could be wider to allow seeing longer
URLs without scrolling.

- The URL could include some randomization substitution
indicators to properly exercise servers when the URL
contains identification / user tracking attempts such
as http://faked.biz?ID=gs6847116
I propose the following notation :
beginning : {?
end : }
Numeric (0..9) : n
Numeric (1..9) : N
lowercase letter : a
uppercase letter : A
Mixed upper/lowercase letter : @
lowercase hexadecimal (0..9,a..f) : h
uppercase hexadecimal (0..9,A..F) : H
Numbers + mixed upper/lowercase letter : X
Any character useable in an url : x
Any character useable in an email address : e
(0..9,a..z,A..Z and (with a much lower occurance rate)
-,_,. a letter increases likehood of subsequent
letters, da igit increases likehood of subsequent digits)
A domain name used in other spams in the list : d
(different IP, only when marked in surbl, more than
48H / less than a month old)
Skip next character 50% of times : ?
Ignore until closing character (reserve for expansion
syntax) : ( & [
Closing characters : ] and )
All unknown characters are not interpreted and removed.

A (manually) encoded URL could look like this :
http://faked.biz?ID=\{?aannnnnnn}
http://getbigherbal.biz/?remove=\{?eee?e?e?e?e?e?e?e?e?e?e}@{?d}
http://\{?@@@@@@?@?@?@?@}.virginfck.biz

Each time this is interpreted/sent, it would create a
new random ID with two letters and 7 digits.
Second line would produce fake removal requests for
adresses in domains known to be spammy, but real.
Addresses would be between 3 and 12 characters long.
The third example exercises wildcard subdomains with a
6...10 mixed case letters random subdomain ...

If {? followed by } is detected in an URL, the check
box (suggestion #1) should be checked by default.

This extension would allow more targetted operation
(reading content filled pages), and scripts usage
(higher CPU load for the queried server with lower
bandwidth usage, and in some cases, database space
expansion directly proportional to the number of
queries or interresting side effects with tracking
bugs). FWIW ;-)

- A URL redirection resolver.
When a (single/multiple) redirection is detected in the
target's content, it could be followed until the final
destination is reached.
The redirection steps should be kept in the
configuration file (just like the Aliases are)
If the final destination is alrerady known (by
SpamDot), the origin URL is added to this destination's
redirection field, else the final destination URL
should be shown in a confirmation dialog (Use
redirected URL (Yes/No/abort)). If user clicks "no",
the original URL is used instead.

Discussion


Log in to post a comment.