Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » What's Behind the Penny Stock Spam Surge » Uhm..
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Post a:
Post a:
Users are the problem »
« Vontage?  
AuthorAll Replies


sporkme
drop the crantini and move it, sister
Premium,MVM
join:2000-07-01
Morristown, NJ
·Optimum Online

reply to nixen
Re: Uhm..

said by nixen See Profile :

They post a message that's about 80% "real" text, and then the stock pump is a single JPEG or GIF image in the message. So, most of the Bayesian filters just give it a pass. If it weren't for all of the MS mail users, I'd simply reject HTML email altogether.
SpamAssassin is getting pretty good at catching the quirks that seperate these messages from real mail.

One thing that really helps is automating "sa-update" to grab the latest rules from the SpamAss folks. I didn't even no about that until a few weeks ago - previously they released new rules with each version of spamass, but now the rules are continuously updated.

I would imagine if you greylist and use spamass, you don't see too much of this crap.

I wonder how long it will be until they have botnet clients that are compliant enough to make their way through greylisting (ie: include a queue)? I mean if they can generate a unique image for each email, queueing sounds pretty darn simple in comparison.
to forum · permalink · · 2006-11-18 17:48:46 · Reply to this


nixen
Rockin' the Boxen
Premium
join:2002-10-04
Alexandria, VA
·Cox HSI
·Speakeasy
said by sporkme See Profile :

SpamAssassin is getting pretty good at catching the quirks that seperate these messages from real mail.

One thing that really helps is automating "sa-update" to grab the latest rules from the SpamAss folks. I didn't even no about that until a few weeks ago - previously they released new rules with each version of spamass, but now the rules are continuously updated.
Hmm... perhaps it would be helpful if I read the Release Notes to see these new tools? Just ran it in debug mode. Nifty tool. I got it croned now.

said by sporkme See Profile :

I would imagine if you greylist and use spamass, you don't see too much of this crap.
Yeah, I use a greylist daemon. However, the bot-nets are getting a bit more sophisticated. They aren't just attempting single delivery any more.

-tom
--
"Experience should teach us to be most on our guard to protect liberty when the government's purposes are beneficial. The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well meaning but without understanding." -Louis D Brandeis
to forum · permalink · · 2006-11-18 18:07:15 · Reply to this
Forums » What's Behind the Penny Stock Spam SurgeUsers are the problem »
« Vontage?  

Thursday, 26-Nov 23:49:45 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [112] Time Warner Cable Fires Broadside At Broadcasters
· [109] New AT&T Ad Campaign Hits Back At Verizon
· [95] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [70] TiVo Sees Record Customer Losses
· [62] In-Flight Internet Headed For Bumpy Landing?
· [54] Thanksgiving Open Thread
· [37] ICANN Slams DNS Redirection
· [36] Senators Want ACTA Made Public
· [35] EFF Wages War On Fine Print
Most people now reading
· Bell Response to PIPEDA Request [TekSavvy]
· I'll Just Unplug That... [No, I Will Not Fix Your #@$!! Computer]
· SSD [Computer Hardware Discussion/Reviews]
· Only firefox accesses Internet? [Security]
· Newegg Black Friday Sale started [Users Find Hot Deals]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· [ Classes] Druid tanking: rotation and glyphs [World of Warcraft]
· Not strictly "Home" related - but WOW anyways... [Home Repair & Improvement]
· IPComms Free DIDs now with sip registration maybe?? [VOIP Tech Chat]
· Windows 7 boot manager editing questions [Microsoft Help]