[Mailman-Developers] Anti-spam "killer app"?
JC Dill
inet-list@vo.cnchost.com
Sat, 17 Aug 2002 15:33:44 -0700
On 02:37 PM 8/17/02, Chuq Von Rospach wrote:
>On 8/17/02 12:37 PM, "J C Lawrence" <claw@kanga.nu> wrote:
>
>> Keep thinking about it. In essence it is a merely a finer grained
>> scoring system. It doesn't fundamentally change the spam cold war;
>
>Actually, I think it does fundamentally change it. You're not just making
>better guesses at what spammers say. You're effectively building a digital
>signature of what your REAL mail looks like, and comparing messages to it.
>The further it deviates from your real mail, the spammier it is.
>
>The only two ways for spammers to avoid this are to move to graphics
Even then, it will still be easily sussed out. I'm on some hobby lists
where people occasionally send short posts with an image attached. The
small amount of text in the subject line and body, together with the
headers of these desired messages, would all be very different from a
similar spam message with little or no subject or body text and an attached
image.
I think the next big spam trick will be forged email to ObMailing
lists. Why bother subscribing when you can suss out the address of a legit
subscriber, forge your "from" header, and forge your mail server IP to
claim to be that of that poster's normal mail server? As more and more
ObMailing lists are archived on the web in a form viewable by anyone, this
becomes a bigger and bigger problem. Email munging of web archives is
often insufficient, email addresses are left unmunged in the body, or are
often easily guessed from the remaining bits of the from header.
jc