[vox-tech] spam current events

Alex Mandel tech_dev at wildintellect.com
Thu Aug 31 14:33:17 PDT 2006


David Rosenstrauch wrote:
> Peter Jay Salzman wrote:
>> i'm getting hammered with email containing text designed to trick 
>> bayesian
>> filters.  unfortunately, it appears to be quite successful in that 
>> endeavor.
>> the email text is nonsensical, however the email has a gif image 
>> attachment.
>>
>> at first, the gif was always named "image001.gif", and i was able to 
>> REJECT
>> such emails when Postfix detected a gif attachment named "image001.gif".
>> but whoever is sending this got smarter and now the gif file is named all
>> kinds of things.
>>
>> i'm not quite sure how to filter these things anymore other than to 
>> REJECT
>> all gif attachments, which I'd prefer not to do if i can help it..
>>
>> the gif image itself is mostly white with a few colored "threads" here 
>> and
>> there.  i certainly don't see any text, so i'm not quite sure what their
>> purpose is.  perhaps it's some kind of virus?
>>
>> anyone else seeing these things?  i'm getting them a few times a day now.
>>
>> pete
> 
> I'm getting loads of these too, and it's similarly brought down the 
> effectiveness of Thunderbird's bayesian filter.
> 
> If anyone's got a solution, I'm all ears.
> 
> Maybe someone should ask Paul Graham for a solution.  :-)
> 
> On a more serious note, though, I used to use the Popfile 
> (popfile.sf.net) bayesian filter a while back and it was (at least back 
> then) very up-to-date in terms of updating the filter to deal with new 
> kinds of spam that were coming out.  Might want to check the project 
> mailing lists and/or source code and see if they've found any solution 
> for this issue.
> 
> HTH,
> 
> DR

On a separate thought has anyone tried out any of the community based 
blacklist/anti-spam groups where they use a dispersed reporting tool to 
identify servers to blacklist and email address's to identify providers 
that may have violators on their system, or in the case of this one file 
complaints in bulk with the spammer.

http://en.wikipedia.org/wiki/Blue_Frog

Alex


More information about the vox-tech mailing list