[69268] in North American Network Operators' Group
Re: Mail with no purpose?
daemon@ATHENA.MIT.EDU (Richard Cox)
Thu Apr 1 12:11:26 2004
From: Richard Cox <richard@mandarin.com>
To: nanog@nanog.org
Reply-To: nanog@mandarin.com
In-Reply-To: <Pine.LNX.4.44.0404010849430.21167-100000@sokol.elan.net>
Date: Thu, 1 Apr 2004 17:08:00 +0000 (GMT)
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 1 Apr 2004 17:15:10 UTC <william@elan.net> wrote:
> I don't quite understand how that would work.
=2E..
> unless instead of using something like
> "http://spammersserver.com/confirmemail.cgi?yourname@yourdomain.com"
> they rewrite it into "http://emailidstring.spammerserver.com"
> and use some custom dns server that can log all such requests.
That is precisely what they are doing.
> But I really dont see how this would be any different then just
> logging with cgi, it'll result in positive logging for exactly
> same set of people.
In pure logging terms there is no difference. However a filtering
mailserver may do a lookup on the URL to see if the IP is listed as
problematic, and that will register the DNS access whereas it would
not register the CGI. The thinking being that the filter would be
unlikely to check the content if the address was invalid anyway.
Also, the IP of the URL target is more likely to be identifiable,
and the site taken down, than any nameserver that might be used.
(It's all relative - no absolutes here)
--=20
Richard Cox
