Just to add my 2 Euro-Cent:
Something like this might actually exist (in as far as gif-only spams
are of interest).
Bert Ungerer, an editor with the German IT magazine 'iX', developed a
procmail-based AntiSpam-System he called 'NiXSpam'.
One part of it is a list of MD5-has
On Sunday 10 Jul 2005 06:41, William Stearns wrote:
> Good evening, all,
>
> On Thu, 9 Jun 2005, Chris Santerre wrote:
> >> From: Sven Riedel [mailto:[EMAIL PROTECTED]
> >> Sent: Thursday, June 09, 2005 10:19 AM
> >>
> >> has anyone developed a good strategy against spams
> >> that contain a random
Good evening, all,
On Thu, 9 Jun 2005, Chris Santerre wrote:
From: Sven Riedel [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 09, 2005 10:19 AM
has anyone developed a good strategy against spams
that contain a random text and the actual spam in
an image within a multipart/alternative mail?
Sh
Hi,
> Check out the interesting idea at www.rulesemporium.com/forums/
> entitled: Image attachment MD5 footprint RBL
Yes, that sounds cool. I wouldn't use MD5 though, since it would
be rather easy to work around cryptographical hashes with simple
automation.
Not going into details here, don't
Kelson wrote:
Ben Hanson wrote:
Hmm, scoring certain attachments (.gif, .jpg, etc) based on a
calculated checksum (md5 or otherwise).
Now that I think about it, I recall Razor used to run into false
positives with one of the background images in a set of Outlook
stationery (because some s
Ben Hanson wrote:
Hmm, scoring certain attachments (.gif, .jpg, etc) based on a calculated
checksum (md5 or otherwise).
Now that I think about it, I recall Razor used to run into false
positives with one of the background images in a set of Outlook
stationery (because some spammers had used t
Hmm, scoring certain attachments (.gif, .jpg, etc) based on a calculated
checksum (md5 or otherwise). To be time efficient it would have to be
an enable/disable option for older hardware, presumably. The
disadvantages are cpu time, network traffic, the need for servers to
store the checksum r
On Thu, 9 Jun 2005, Chris Santerre wrote:
> >There are image processing algorithms that are much better at 'looking'
> >at two images and giving a 'distance' value. (Only problem is
> >that they're
> >compute intensive).
>
> Well then don't use MD5 :)
>
> Hell then just pull a sample from the imag
Absolutely - that's why I said "scoring" rather than blocking. :)
All I meant was that a few e-Bay phishers start using the e-bay logo, it
gets marked as a "spam image" and all future e-bay e-mails will have +1
added to them. Shouldn't be enough on its own to counteract AWL, Bayes,
etc. for a
>-Original Message-
>From: David B Funk [mailto:[EMAIL PROTECTED]
>Sent: Thursday, June 09, 2005 2:16 PM
>To: Chris Santerre
>Cc: users@spamassassin.apache.org
>Subject: RE: Gif-Only spams
>
>
>On Thu, 9 Jun 2005, Chris Santerre wrote:
>
>> >My onl
On Thu, 9 Jun 2005, Chris Santerre wrote:
> >My only comment on a system like this is that it could be
> >easily subverted.
> >A spammer could use automated image editting tools to randomly
> >change some
> >aspect of the file that would give it a totally different MD5 sum. Like
> >changing the lo
On Thu, 9 Jun 2005, Bret Miller wrote:
> > has anyone developed a good strategy against spams
> > that contain a random text and the actual spam in
> > an image within a multipart/alternative mail?
> >
> > Short of entirely blocking mails containing images, that
> > is.
>
> SURBL, URIBL
Sorry, bu
> Baby steps ;)
Agreed!
The other big problem I see is phishers (or spammers trying to poison
the system) intentionally inserting images normally found in legitimate
e-mails (eg, e-bay).
You'd end up scoring all legit e-mails that image hash shows up in.
Evan
Sven Riedel wrote:
Hi,
has anyone developed a good strat
>-Original Message-
>From: Geoff Manning [mailto:[EMAIL PROTECTED]
>Sent: Thursday, June 09, 2005 11:45 AM
>To: users@spamassassin.apache.org
>Subject: RE: Gif-Only spams
>
>
>> Check out the interesting idea at www.rulesemporium.com/forums/
>>
> Check out the interesting idea at www.rulesemporium.com/forums/
>
> entitled: Image attachment MD5 footprint RBL
My only comment on a system like this is that it could be easily subverted.
A spammer could use automated image editting tools to randomly change some
aspect of the file that would
>-Original Message-
>From: Sven Riedel [mailto:[EMAIL PROTECTED]
>Sent: Thursday, June 09, 2005 10:19 AM
>To: users@spamassassin.apache.org
>Subject: Gif-Only spams
>
>
>Hi,
>has anyone developed a good strategy against spams
>that contain a random text an
> has anyone developed a good strategy against spams
> that contain a random text and the actual spam in
> an image within a multipart/alternative mail?
>
> Short of entirely blocking mails containing images, that
> is.
SURBL, URIBL
SURBL is included in SA 3.x, so if you haven't upgraded, this mi
Hi,
has anyone developed a good strategy against spams
that contain a random text and the actual spam in
an image within a multipart/alternative mail?
Short of entirely blocking mails containing images, that
is.
Regs,
Sven
--
BAGHUS GmbH
EDV und Internet
19 matches
Mail list logo
