Full Disclosure mailing list archives

Re: Spam with PGP


From: "Jonathan A. Zdziarski" <jonathan () nuclearelephant com>
Date: Tue, 07 Oct 2003 16:56:17 -0400


---8<---
</body></html>ahdmf uvhuex qnzysthoa
r
 xdgmeqxqyawg
--->8---

And these nonsense "words" fool Bayesian filters.


they won't fool any good Bayesian filter, and actually I've found that
they are an excellent way to identify spam, as many spammers are too
stupid to change the jumble of letters at the end.

but more importantly, a good Bayesian filter that sees these "words"
that it doesn't know should assign them a fairly neutral value.  DSPAM
assigns new tokens .4.  Since Bayesian filtering uses the most
interesting tokens (interesting meaning with the highest distance from a
neutral .5), these tokens won't even get used in the final calculation
and will be for all practical purposes ignored.

and as I said, should the spammer start using these same "words" in
multiple mailings, they'll be a great way to tag the spam.

As I said before, I think that Bayesian filters are not perfect
(spammers use tricks to circumvent them). And I also think that
rule-based ones aren't perfect either

I haven't found a good trick spammers have used to get around my filters
yet...the fact that Bayesian learns each user's specific behavior also
makes it extremely difficult for a spammer to craft a message that would
get through to a large number of people (how they make the little money
they do make) since you can't just run a message through a rules list
like you can with heuristic-based filters.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
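
The behaviour described in the reply above, as an added example (not DSPAM's code and not part of the original post): a minimal Graham-style token scorer in which never-seen tokens get the 0.4 the post cites and only the tokens furthest from 0.5 are combined. The token table, the window of 5, the sample message and the function names are assumptions made for the illustration.

```python
import math
import re

UNKNOWN_P = 0.4   # value the post says DSPAM assigns to a never-seen token
WINDOW = 5        # assumption: small "most interesting tokens" window for this toy data

# Constructed per-token spam probabilities, standing in for one user's trained corpus.
TRAINED = {
    "viagra": 0.99, "unsubscribe": 0.95, "free": 0.90, "click": 0.88,
    "offer": 0.85, "meeting": 0.05, "patch": 0.03, "kernel": 0.02,
}

SPAM = "Free offer: click here for viagra, or unsubscribe"   # constructed message
JUNK = "ahdmf uvhuex qnzysthoa xdgmeqxqyawg"                 # the jumble quoted in the post

def tokenize(text):
    """Lower-case alphabetic tokens, de-duplicated, order preserved."""
    return list(dict.fromkeys(re.findall(r"[a-z]+", text.lower())))

def interesting(tokens, table=TRAINED, window=WINDOW):
    """Return the (token, p) pairs furthest from the neutral 0.5, at most `window`."""
    scored = [(t, table.get(t, UNKNOWN_P)) for t in tokens]
    scored.sort(key=lambda tp: abs(tp[1] - 0.5), reverse=True)
    return scored[:window]

def spam_probability(text, table=TRAINED, window=WINDOW):
    """Naive-Bayes combination of the selected tokens, computed in log space."""
    picked = interesting(tokenize(text), table, window)
    log_spam = sum(math.log(p) for _, p in picked)
    log_ham = sum(math.log(1.0 - p) for _, p in picked)
    return 1.0 / (1.0 + math.exp(log_ham - log_spam))

if __name__ == "__main__":
    # 1. Appended jumble scores 0.4 per token, never enters the window, changes nothing.
    print("spam alone     :", spam_probability(SPAM))
    print("spam + jumble  :", spam_probability(SPAM + " " + JUNK))
    # 2. Once the same jumble has been seen in spam and trained on (constructed 0.99),
    #    it becomes the strongest evidence in an otherwise neutral message.
    reused = dict(TRAINED, **{w: 0.99 for w in JUNK.split()})
    print("jumble, unseen :", spam_probability("hello there " + JUNK))
    print("jumble, trained:", spam_probability("hello there " + JUNK, reused))
```
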

