[SpamCop-List] Re: Vampire - Re: Old subject Revisited

[Eric]

Graeme Leith wrote:
> Joe Blow wrote:
> 
>> You're assuming that the image exists on the IB's site...which seems
>> unlikely if the image is really related to the spammer's site.  For 
>> example,
>> spammy can't very well expect an image of his "product" to exist on an 
>> IB's
>> site...and it would look pretty stupid to have an image unrelated to his
>> "product".  Granted, if the image is a common logo or otherwise generic
>> image that may exist on any number of sites, it wouldn't be a good 
>> candidate
>> to spam vampire.
> 
> 
> The image doesn't have to be the same name. The image on my site is 
> called See.jpg. If you send a referrer of the index page on my site, 
> then my server will deliver the *See.jpg* to you. If you don't send the 
> correct referrer, then you get redirected to the image *spews.gif* on 
> SPEWS. So, if you send a valid request, you see what you're supposed to 
> see. If you send an invalid request, you get bumped to something else.
> The owner of the web site gets to choose what are valid and invalid 
> requests.
> 
> I chose referrer as it only took a couple of minutes to code. I could 
> have decided that it would deliver the image to any single IP address 
> 100 times in a 24 hour period, with all additional requests from that IP 
> beyond that point getting redirected. If I set it up this way, SV would 
> become useless, but normal visitors would not encounter any problems.
> 


Using "HTTP_REFERER" do perform this switch is unreliable, especially
with more and more people setting their browsers not to send the
referring URL out of privacy concerns.  Of course, those same people
might be less likely to fall for some spam scam.

So those people would see the redirect target image, and not the
scam image.  It might reduce the number of suckers, at that!