Skip to main content
A new spam technique I just found out about based on DNS and #RSS: Take over a defunct domain that was hosting an RSS feed through #Wordpress for example, install Wordpress again, publish a new article that will be pushed to all former RSS feed subscribers.
#RSS #Wordpress
Christian Wiwie
Christian Wiwie  
:-O is this scheme actively exploited? Wouldn't have guessed that spammers go to such great lengths to get some mails out, which are most often easily filtered out by even naive spam filters anyways.
This entry was edited (4 years ago)
Hypolite Petovan
Hypolite Petovan  
It isn’t email, it’s RSS feed (maybe “pushed” was misleading), and I’m not convinced it was intentional, the coincidence of having a Wordpress blog on any given domain is pretty high given its predominance, even on the same domain after a change of ownership.
Christian Wiwie
Christian Wiwie  
Ah yes, thinking error. It's not mail. So also unfiltered. How could this be prevented for the subscriber? If the new domain holds a new valid certificate that'll not prevent anything.
Alexander
Alexander  
It can be prevented by not dropping your services without informing your subscribers first :)

I don't think there's much threat in it but it is just one more way to "reuse" abandoned domain. I don't think there's anything to do about it.
Hypolite Petovan
Hypolite Petovan  
I don’t think it needs to be actively prevented, it’ll work only once, and then people will drop their subscription, and it’s unworkable since you have to specifically track RSS publishing domains over multiple years.
⇧