More Anti-Spam and Anti-Malware Protection

Following the recent introduction of anti-spam and anti-malware features, I’ve now deployed extra protections on top of the previous ones.

The intial protections checked the destination URL (and domain) and the requester’s IP address when the clig is first created. The problem is that sometimes the public blacklists that Cligs uses sometimes do not know about malicious URLs. In this instance, Cligs and other URL shortening services are at the very beginning of a spam/virus campaign, and no one knows about it yet.

Obviously, this is not a good situation to be in. We need to check again later.

Like random police checks, sometimes Cligs re-checks the destination URL before forwarding it onwards. How random? Each forward has a 10% chance of being checked. The balance to strike here is between performance/necessity of checking 100% of the time vs stopping malicious links getting through. If you think about it, viruses and spammers send out massive amounts of emails and these generate a lot of traffic; checking 10% of that will catch the spam eventually.

If the new system detects a malicious clig, it immediately disables it and starts returning a 404 Page Not Found error.

The beauty of this is that the system is completely automated. I only get an email saying a clig has been caught. That’s an email I’ll always be happy to see!

This entry was posted on Freitag, August 7th, 2009 at 6:46 pm and is filed under Cligs News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.