How can I send or receive messages mentioning blacklisted sites?
If blacklisted URIs must be mentioned in a message body, then one answer is to munge the URI until it’s no longer parsable as a URI. E.g., http://somedomain.com/ can be rewritten as: http://somedomain-MUNGED.com/ That would require some awareness on the part of the person forwarding or discussing a listed site, but it’s just as doable and humanly readable as munged email addresses, which people do all the time. It’s a good practice to use little or no filtering on your security mailing list messages and abuse contact addresses, or to bypass them around filtering.
If blacklisted URIs must be mentioned in a message body, then one answer is to munge the URI until it’s no longer parsable as a URI. E.g., http://somedomain.com/ can be rewritten as: http://somedomain-MUNGED.com/ That would require some awareness on the part of the person forwarding or discussing a listed site, but it’s just as doable and humanly readable as munged email addresses, which people do all the time. Another commonly used technique is to change the “http” to something that doesn’t work such as “hxxp”. It’s a good practice to use little or no filtering on your security mailing list messages and abuse contact addresses, or to bypass them around filtering.
