Skip to main content


A new spam technique I just found out about based on DNS and #RSS: Take over a defunct domain that was hosting an RSS feed through #Wordpress for example, install Wordpress again, publish a new article that will be pushed to all former RSS feed subscribers.
:-O is this scheme actively exploited? Wouldn't have guessed that spammers go to such great lengths to get some mails out, which are most often easily filtered out by even naive spam filters anyways.
This entry was edited (4 years ago)
It isn’t email, it’s RSS feed (maybe “pushed” was misleading), and I’m not convinced it was intentional, the coincidence of having a Wordpress blog on any given domain is pretty high given its predominance, even on the same domain after a change of ownership.
Ah yes, thinking error. It's not mail. So also unfiltered. How could this be prevented for the subscriber? If the new domain holds a new valid certificate that'll not prevent anything.
It can be prevented by not dropping your services without informing your subscribers first :)

I don't think there's much threat in it but it is just one more way to "reuse" abandoned domain. I don't think there's anything to do about it.
I don’t think it needs to be actively prevented, it’ll work only once, and then people will drop their subscription, and it’s unworkable since you have to specifically track RSS publishing domains over multiple years.
⇧