DCC is at: http://www.rhyolite.com/anti-spam/dcc/ Don't know about rpm's, you can try http://rpmfind.net (Don't think they have RH EL rpms) Or http://dag.wieers.com But probably you'll have to compile it yourself (As I did for my RH EL3), which is pretty simple. -Sietse
________________________________ From: Paul Matthews [mailto:[EMAIL PROTECTED] Sent: Mon 22-May-06 13:16 To: users@spamassassin.apache.org Subject: Re: checksumming image spam I see in my webmin module, 'Location of DCC client program' but I don't think I have it installed, what package should I be looking for, i'm running rhel4 can i installed it from up2date or is there an rpm out there? Any information on using DCC with spamassassin and rhel would be great. > http://www.nytimes.com/2006/05/21/business/yourmoney/21spam.html > > Matt Sergeant (of MessageLabs, and one of the early SpamAssassin > committers too!) is interviewed about spam, with a bit of relevance > regarding image checksumming (which we've been talking about recently): > > > The spammers were trying to circumvent the world's junk-mail filters by > embedding their messages -- whether peddling something called China > Digital Media for $1.71 a share, or a "Hot Pick!" company called GroFeed > for just 10 cents -- into images. > > It worked, but only briefly. Antispam developers at MessageLabs, one of > several companies that essentially reroute their clients' e-mail traffic > through proprietary spam-scrubbing servers before delivering it, quickly > developed a "checksum," or fingerprint, for the images, and created a > filter to block them. [...] > > Shortly after MessageLabs created a filter to catch the stock spams, the > images they contained changed again. > > They were now arriving with what looked to the naked eye like a gray > border. Zooming in, however, the MessageLabs team discovered that the > border was made up of thousands of randomly ordered dots. Indeed, every > message in that particular spam campaign was generated with a new image > of the border -- each with its own random array of dots. [...] > > "We actually developed some technology to detect borders in images and > figure out the entropy -- that is, to figure out if the border was > random," Mr. Sergeant said. "So that was fine." Of course, shortly > afterward, "they decided to stop using the borders," he added. > > From there, the senders began placing a small number of barely > perceptible and, again, randomly placed dots -- a pink one here, a blue > one there, a green one near the bottom -- throughout the images. Then > they shifted to multiple images, with words spelled partially in plain > text and partially as images, so that the content, when viewed on a > common e-mail reader like Outlook or AOL, would look like an ordinary > message. > > > Aside from that techie stuff, it's a good interview too ;) > > --j. > -- Paul Matthews Junior Network Technician | The Cathedral School Ph (07) 47222 194 | Fax (07) 47222 111 PO Box 944 Aitkenvale Q 4814 E: [EMAIL PROTECTED] W: www.cathedral.qld.edu.au Anglican coeducation | Day and Boarding | Early Childhood to Year 12 Educating for life-long success **************************************************************************** **************************************************************************** *********************************** IMPORTANT NOTICE REGARDING CONFIDENTIALITY This electronic email message is intended only for the addressee and may contain confidential information. If you are not the addressee, you are notified that any transmission, distribution or photocopying of this email is strictly prohibited. The confidentiality attached to this email is not waived, lost or destroyed by reasons of a mistaken delivery to you.
