Spammers have begun taking advantage of Internationalized Domain Names as a home for penis pill portals and other spamvertised sites. Internationalized Domain Names (IDN) allow domain names to include Arabic, Chinese and Russian characters, among others, as well as Latin letters. The inclusion of non-Latin characters with …
I already filter out stuff like charset=euc-kr (according to my hit list, I last got spam with that string in the headers just before midnight on 27 Feb, so there are still naughty boys out there who think I can read Korean...) so doing that kind of thing will simply make it easier for me to kill spam. Thanks spammers.
This gives even more excuses for people to suddenly start blocking non-Latin characters and thus killing the non-Latin domain idea stone dead before it really got on it's feet!
Next thing "da Net" is split by those that want to use the new char sets and those who block and refuse! Lets here it for the governing bodies and a complete waste of time trying to get this off the ground properly!
"Dear FRIEND! Please upgrade your browser to $ALTROOT to read this VALUABLE MESSAGE!"
It's of course entirely predictable this was going to happen and a total shame that anti-spam vendors haven't had the foresight to update their software. One of the very very few chances to be one step ahead of spammers. I honestly think that missing it is inexcusable for self-respecting "computer security" vendors.
The interesting thing is in the fact that it does happen, as in the spammers think IDN is now widespread enough to be viable. Or maybe they're just cheapskates.
Probably making it easier
It is easier to shitlist email when it has wonky characters. The aforementioned rule on banning Korean encoding can be simply extended to "anything not ISO-8859-1 or UTF8" which works for anyone using Latin alphabets. Most penis pill spam is targeted at the US, and they don't need to support any of the non-Latin character sets. :)
"For every action there's an equal and opposite reaction."
Anyone up for a pint?