On 7/7/2017 9:06 AM, Charles Amstutz wrote:
I am new to the group, but have experience with writing some rules and
some meta rules.
Has anyone come up with a good way to detect spam that has random
words in paragraph forms (usually at the bottom of the message body)
or they look like they copy parts from various wiki’s or other news
sources?
That type of obfuscation is just a technique used by spammers. Typically
there are other indicators that I would focus on.
In other words, analyzing the content might not help much but analyzing
the pathway (how the email got to point B) might be.
It's often more helpful to use pastebin to post a full example with
headers for discussions. Otherwise it's a bit vague to discuss.
Regards,
KAM
