All: A few posts back was a suggestion for checking the MD5 checksum of attached images against a blacklist to catch the current wave of attached-image-only stock pump-and-dump scam spams.
Taking that to its logical conclusion suggests the creation of a public Image Realtime Block List along the lines of what SURBL provides for URLs, and extending SA to MD5-sum attached images and check them against the block list. Is this a good idea? Is this a bad idea? Is it pointless, as spammers would just generate per-message images the way they are probably generating per-message random Bayes poison now? Is it already covered by Razor et. al.? Comments are solicited! -- John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- Senator, when you took your oath of office, you placed your hand on the Bible and swore to uphold the Constitution. You didn't place your hand on the Constitution and swear to uphold the Bible. -- Jamie Raskin, Professor of Law at American University, testifying before the Maryland Senate -----------------------------------------------------------------------
