A Short URL blocklist, lists URLs observed in the message body of spam sent to our primary traps.
The list compliments the domain blacklist since Short URLs have become a common way for spam to avoid domain blacklisting by hiding behind URL shortening services since it is not possible to list some Short URL domains (e.g. bitly) without causing significant false positives.
Additionally, shortening services are usually very poor at handling abuse of their services. Since it is not possible to represent a full URL in a DNS query, and thus a DNSBL, short URLs are first normalized, then SHA-1 hashed.
The hash value is then used for lookup instead of the URL.
For more see Abusix Mail Intelligence – Short URL Hash List.Back to Glossary