|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] spam with anti-bayesian parts
From: Nick FitzGerald (nick
virus-l.demon.co.uk)
Date: Mon Jan 12 2004 - 06:11:40 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
vogthansenet.com wrote:
<<snip>>
> What I'm wondering is:
> Why do the spammers even go to the length of using random words? Those are
> easy to filter out with some heuristics (e.g. missing punctuation). Why
> don't they grab some real text, say from a news site? There's an endless
> supply of new, proper text out there.
...and some of them have been using some of it.
That is not a new idea. Spam with "normal text" filler "stolen" from
various sources has existed for a while. The problem with this typeof
thing is that to hide the extra text (so it does not interfere with the
desired message) they have to put ti in a really small font and/or make
the font colour (very close to) the message background. (Of course, if
you use a text-only MUA you will either see nothing (because the spam
contains no text/plain component) or the gibberish or stolen text.
In theory the existence of the HTML markup to perform either of the
"hiding" tricks should quickly gain high spam-specificity value...
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]