Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Strange mail with number in subject line and body

From: "Jamie Riden" <jamesr () europe com>
Date: Thu, 8 Jun 2006 11:05:45 +1200
On 08/06/06, Christine Kronberg <seeker () shalla de> wrote:

On Wed, 7 Jun 2006, junkmail () babtras com wrote:

> My best guess is that this is meant to poison the statistics of bayesian mail filters and trick them into letting 
spam through.

   Do you really think a few mails with just a number in it will have
   a noticeable effect on the filters? To me it seems more likely that
   someone uses a bot net for address verification and list washing.


Indeed - most Bayesian techniques I have seen will only look at the n
most 'useful' words in determining whether it's spam or not spam. I
just can't see any feasible way to poison this sort of scheme.

cheers,
Jamie
--
Jamie Riden / jamesr () europe com / jamie.riden () computer org
NZ Honeynet project - http://www.nz-honeynet.org/

------------------------------------------------------------------------------
This List Sponsored by: Black Hat
Attend the Black Hat Briefings & Training USA, July 29. August 3 in Las Vegas. World renowned security experts reveal tomorrow.s threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 36 hands-on training courses and 10 conference tracks, networking opportunities with over 2,500 delegates from 40+ nations. 
http://www.blackhat.com
------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: