Hi,
as Rob McEwen already pointed out Bill Stearns offered image hash data
for such a project. I did write such a plugin (Bill did publish his data
via DNS, thanks again!) but am somewhat disappointed by the results (so
I didn't bother publishing the plugin).
The point is that the most annoying image spams (i.e. those you want to
catch) are deliberatly defective or altered so that simple hashing of
the image MIME parts doesn't really work. Seems to me that spammers
already practise hash busting methods on images, presumably cos some big
ISP(s) do check image hashes already,
Still, if disired I can post that plugin somewhere (with appropriate
words of caution)...
Dirk
John D. Hardin schrieb:
All:
A few posts back was a suggestion for checking the MD5 checksum of
attached images against a blacklist to catch the current wave of
attached-image-only stock pump-and-dump scam spams.
Taking that to its logical conclusion suggests the creation of a
public Image Realtime Block List along the lines of what SURBL
provides for URLs, and extending SA to MD5-sum attached images and
check them against the block list.
Is this a good idea? Is this a bad idea? Is it pointless, as spammers
would just generate per-message images the way they are probably
generating per-message random Bayes poison now? Is it already covered
by Razor et. al.?
Comments are solicited!
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
[EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED]
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Senator, when you took your oath of office, you placed your hand on
the Bible and swore to uphold the Constitution. You didn't place your
hand on the Constitution and swear to uphold the Bible.
-- Jamie Raskin, Professor of Law at American
University, testifying before the Maryland Senate
-----------------------------------------------------------------------
