Exposed: what Microsoft don't want you to receive
Posted by the andyman on Thu 09 Aug 2007 (14:14 GMT)
After the recent news that Microsoft is now censoring users of its instant messaging software from receiving messages containing .info, as well as things like .pif which they were already blocking, I decided to do some research to find out what else they think could pose a security risk to you and your computer, and so censor.

The list of blocked strings is stored on the Messenger servers so that it can be quickly downloaded to instantly update your Messenger with any new entries without you having to download a whole new version. After playing around a bit with the Messenger protocol (aka MSNP) I managed to retrieve the list from the servers.

Unless there was a problem downloading the list, which there didn't appear to be, the Messenger team have started removing the ends of lots of strings, presumably to try to stop even more bad site links getting sent. For example, .p used to be .pif and .s used to be .scr, and in several other strings .ph used to be .php, .e used to be .exe and .c used to be .com.

Because the list currently contains 124 entries I've made an image containing them all. This also means that you cannot easily copy the text to try and visit any of the URLs in the list which would potentially end in your computer being infected with some kind of virus, adware, spyware or worm, or expose you to phishing scams.

>> View the image of the list of censored strings

>> If you want to find out more about how these entries are used or why the .* in some strings actually slows your computer down then there is a discussion expanding upon these ideas started by TheBlasphemer, the creator of StuffPlug, over at the StuffPlug forums.
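
One way to test the truncation question raised above and in the comments below, as an added example that is not part of the original post: it checks whether the list as retrieved (.p, .s, ...) or the longer forms (.pif, .scr, ...) reproduces the behaviour commenters report ('.png' delivered, '.pif' blocked). How Messenger actually applies an entry is not stated on this page, so both rules tried here (plain substring and regular expression) are assumptions, and every message is a constructed sample.

```python
import re

# Truncated entries named in the post, mapped to the forms they used to be.
TRUNCATED = {".p": ".pif", ".s": ".scr", ".ph": ".php", ".e": ".exe", ".c": ".com"}

# Constructed messages encoding the behaviour reported in the comments:
# ".png" gets through, ".pif" does not. True means "blocked".
OBSERVED = [("look at photo.png", False), ("open game.pif", True)]

# Constructed harmless messages, used to count over-blocking.
BENIGN = ["look at photo.png", "slides.pptx attached", "see you soon",
          "happy birthday", "i.e. tomorrow"]

def entry_hits(entry, message, mode):
    """Apply one list entry under an assumed matching rule."""
    if mode == "literal":   # entry is a plain substring
        return entry.lower() in message.lower()
    if mode == "regex":     # entry is a pattern, so '.' matches any character
        return re.search(entry, message, re.IGNORECASE) is not None
    raise ValueError(f"unknown mode: {mode}")

def list_blocks(entries, message, mode):
    """A message is blocked as soon as any entry hits it."""
    return any(entry_hits(e, message, mode) for e in entries)

def evaluate(entries, mode):
    """Return (reproduces every observation, number of benign messages blocked)."""
    consistent = all(list_blocks(entries, msg, mode) == blocked
                     for msg, blocked in OBSERVED)
    overblocked = sum(list_blocks(entries, msg, mode) for msg in BENIGN)
    return consistent, overblocked

if __name__ == "__main__":
    candidates = {"as retrieved": list(TRUNCATED),
                  "longer forms": list(TRUNCATED.values())}
    for mode in ("literal", "regex"):
        for name, entries in candidates.items():
            print(f"{mode:8} {name:13} {evaluate(entries, mode)}")
```

Under both assumed rules only the longer forms reproduce the reported behaviour, while the entries as retrieved would also block several of the harmless sample messages.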

Comments:



Comment by TheSteve
Posted on Mon 20 Aug 2007 (06:49 GMT)
Anyone else find it strange that '.p' is apparently blocked yet things like '.png' and most '.php' can get through whilst '.pif' doesn't ...

There appears to be a problem with the program you used to get these blocked extensions. It appears to occasionally chop off a few characters. For example: .p and .s should really be .pif and .scr.


Comment by the andyman
Posted on Tue 14 Aug 2007 (09:31 GMT)
@Alex131089 We noticed the removal of .info and the new link-only .info detection and warning thing yesterday afternoon, looks like it's left to me to post about it though!


Comment by Alex131089
Posted on Tue 14 Aug 2007 (01:41 GMT)
Here's the list using the MSNP16 protocol: http://img356.imageshack.us/my.php?image=blockedlistjm4.png
And using the MSNP11 protocol (needs authentication): http://img382.imageshack.us/my.php?image=blockedlistmsnp11li8.png

It appears they are the same, but a few days ago Microsoft removed the .info regex (which is still blocked) and replaced it with a new server verification: if the blocked word is in a link, the server notifies the client that the message can't be delivered.
Try to send http://.info and .info ...


Comment by Dane
Posted on Mon 13 Aug 2007 (20:58 GMT)
Yeah, http://www.stuffplug.com/temp/downgrdr.exe WAS a virus that was hacked onto the domain without the creator's authorization... I'm surprised it made it there.


Comment by the andyman
Posted on Fri 10 Aug 2007 (12:08 GMT)
@andrewdodd13 I think it's some old file (possibly one of the ones that allowed non-testers to use the first few builds of WLM8 by downgrading the sign-in protocol from MSNP13 to MSNP12) but it doesn't actually exist any more so is just clogging up the list really.

Anyone else find it strange that '.p' is apparently blocked yet things like '.png' and most '.php' can get through whilst '.pif' doesn't ...


Comment by andrewdodd13
Posted on Fri 10 Aug 2007 (10:38 GMT)
Looking over the list... did anyone notice stuffplug.com/temp/downgrdr.exe is blocked?

What was that supposed to be?

