Sidney Markowitz wrote: SM> On Tue, 2002-04-30 at 11:11, rODbegbie wrote: SM> > OE would display it to the user, but SA would miss it for scoring. SM> SM> That's a good point, especially since according to Theo it is not just SM> OE, it is IE's renderer that sees them as comments. We are talking about SM> what spammers are going to use to reach the vast majority of people who SM> end up seeing the HTML in IE, not web designers who want to make their SM> HTML work in as many browsers as possible. SM> SM> Is there evidence of comments with extra spaces in either the spam or SM> the non-spam corpus? Or is this all hypothetical?
Can't find any now, but anything posted to this list educates spammers on how to construct their future messages. So we can assume some of those monitoring this list will be inserting spaces in the right places in their comments in the near future. SM> Perhaps the right thing to do is to strip comments out using a simple SM> check for '<!--' ... '-->'. If spammers start to take advantage of the SM> looser syntax of IE, we can add a rule that scores up comments that have SM> leading or trailing spaces. If it turns out that the only people who use SM> illegal comment syntax are spammers trying to get around SA, you can SM> look for that without even having to parse the text that it is trying to SM> hide. I would say having 2 rules for regular comments and "obfuscated" comments would make sense. Obfuscated comments are very likely to only *ever* appear in spam. regular comments might occasionally appear in legitimate mail. SM> only add other rules if spam starts showing up that justifies them. _______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
