On 07/07/2017 10:15 AM, Kevin A. McGrail wrote:
On 7/7/2017 9:06 AM, Charles Amstutz wrote:
I am new to the group, but have experience with writing some rules and
some meta rules.
Has anyone come up with a good way to detect spam that has random
words in paragraph forms (usually at the bottom of the message body)
or they look like they copy parts from various wiki’s or other news
sources?
That type of obfuscation is just a technique used by spammers. Typically
there are other indicators that I would focus on.
In other words, analyzing the content might not help much but analyzing
the pathway (how the email got to point B) might be.
It's often more helpful to use pastebin to post a full example with
headers for discussions. Otherwise it's a bit vague to discuss.
Regards,
KAM
I agree. Train them as spam in Bayesian. Setup more RBL rules to
augment the default SA RBLs, meta rules that hit combinations of
existing SA rules for these emails, etc.
See the SA mailing list archives for the score.senderscore.org RBL as an
example of a helpful RBL addition.
Invaluement RBL is well worth it's cost if you have a mail filtering
platform with your own rbldnsd setup. I am able to setup rules with
scores well above 8.0 that cover a lot of edge case spam that don't hit
other rules that add points.
--
Dave
