-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Kelson Vibber writes: > Got an interesting variation on those "Strong Buy!" stock scams. > Instead of a straight message, they'd taken a screen shot of the pitch > and rotated it slightly (presumably to make OCR more difficult), then > placed the image in an email. > > And yet check out the score it got: > > Message scored 14.2 points, 5.0 required; > * 1.1 SPF_NEUTRAL SPF: sender does not match SPF record (neutral) > * [SPF failed: Please see <URL_REMOVED>] > * 0.1 HTML_90_100 BODY: Message is 90% to 100% HTML > * 1.6 HTML_SHORT_LENGTH BODY: HTML is extremely short > * 0.0 HTML_MESSAGE BODY: HTML included in message > * 4.0 BAYES_99 BODY: Bayesian spam probability is 99 to 100% > * [score: 1.0000] > * 0.0 MIME_HTML_ONLY BODY: Message only has text/html MIME parts > * 3.6 HTML_IMAGE_ONLY_04 BODY: HTML: images with 0-400 bytes of words > * 0.2 MIME_BASE64_NO_NAME RAW: base64 attachment does not have a file > * name > * 2.5 FORGED_THEBAT_HTML The Bat! can't send HTML message only > * 1.1 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag yeah, we were chatting about that on John-Graham Cumming's weblog. All I can think of is that they're attempting to evade another anti-spam product, one that uses OCR, but is secret/proprietary hence *we* don't know about it. I'm surprised you had no XBL or SURBL hits either, btw! - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Exmh CVS iD8DBQFDzU1RMJF5cimLx9ARAr91AKC1QuLrUz85uCMTmkgIk6a/EDRh3wCdHdBb ewxbxFzFwnXgg4Fn6cXNydc= =gOm6 -----END PGP SIGNATURE-----
