A thought about phone numbers and URIBLs

[Craig McLean <cr...@fukka.co.uk>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey folks, I was having a thought about phone numbers in spam messages,
and the old brain pinged an idea at me. I'd really appreciate any feedback!

It occurred to me that I get a fair amount of spam which includes
phone/fax numbers. It also occurred to me that given a string like
"Number:+447031916662" (from real spam), then we could strip out the
phone number and do a lookup thus:

mail# host 447031916662.evilnumbers
447031916662.evilnumbers has address 127.0.0.2

(real dns lookup to a specially created "evilnumbers" zone)
And hey presto, it would work just like a URIBL would.

I'm no perl hacker, so what are the odds the current URIDNSBL code could
be re-used to perform this? Would any of the SURBL guys be interested in
hosting the back-end if it's worth doing?

Comments welcomed. Thanks for your time!

C.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDmykyMDDagS2VwJ4RAhHZAJ95zuQwJJwd5CsIovQ68tlSVOTaIQCePaDg
6CdQ749VZ5mmK88c6f9RNMc=
=PjtL
-----END PGP SIGNATURE-----

Re: A thought about phone numbers and URIBLs

[Magnus Holmgren <ho...@lysator.liu.se>]

Craig McLean skrev:
> Hey folks, I was having a thought about phone numbers in spam messages,
> and the old brain pinged an idea at me. I'd really appreciate any feedback!
> 
> It occurred to me that I get a fair amount of spam which includes
> phone/fax numbers. It also occurred to me that given a string like
> "Number:+447031916662" (from real spam), then we could strip out the
> phone number and do a lookup thus:
> 
> [snip]

Just a thought: Phone numbers don't have to be clicked on or linked to,
so won't they be too easy to hide in pictures, floats or vertical text
tables? Of course such obfuscations can be detected by themselves, but
it's still something to think about.

-- 
Magnus Holmgren