RE: Advances in Spamming Techniques

["Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>]

> -----Original Message-----
> From: full-disclosure-admin () lists netsys com 
> [mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
> David Maxwell
> Sent: Saturday, 26 July 2003 4:30 p.m.
> To: Paul Schmehl
> Cc: security snot; full-disclosure () lists netsys com
> Subject: Re: [Full-disclosure] Advances in Spamming Techniques
>
>
> However, a related technique which I've seen lately is that of appending
> a couple of paragraphs of non-spam text, in an attempt to out-weigh the
> spamminess of the other content.

Yep, this is a known technique they try to use to defeat anti-spam measures.

In most cases they make HTML e-mails (is one solution to completely ban HTML
e-mails?) with for example white background then put their spam text at the
beginning and then anti-spam paragraphs at the bottom of the e-mail, but in
white color.

On the screen you won't see those paragraphs at all as they are white on
white, but that doesn't make any difference to anti-spam tool.

Also, a lot of spam e-mails I've been getting lately just have an img src
pointer in HTML which actually shows complete spam as one picture. This can
be defeated by denying outbound HTTP connections to MUA.

Regards,

Bojan Zdrnja

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html