[Spambayes] Latest spammer trick stymied

[Richard Jowsey]

> Spammers might be simple folk, but serious crackers (not the script
> kiddies) certainly are not.  If there comes to be a widely deployed
> tool with this sort of fetch-what-I-tell-you-to behaviour, then it
> will get exploited by people wanting to do a denial of service
> attack or similar. 

There's literally dozens of DOS "attack tools" out there already.
They're unfortunately very easy to build. A determined site-slammer 
is
going to use quite different technology than my crawler, in any case,
e.g. http://grc.com/dos/grcdos.htm

What I've built is a simple url-slurper, which resides on a proxy
server (not deployed on desktops), and is only invoked under very
particular circumstances. The results are immediately incorporated
into the server's database, so that anyone else receiving that spam
benefits from the extra information. Under this kind of deployment
scenario, a spam site only needs to be crawled once. Then we've got
him nailed!  :)

Cheers,
Richard