Full Disclosure mailing list archives
Re: spam with anti-bayesian parts
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Tue, 13 Jan 2004 01:11:40 +1300
vogt () hansenet com wrote: <<snip>>
What I'm wondering is: Why do the spammers even go to the length of using random words? Those are easy to filter out with some heuristics (e.g. missing punctuation). Why don't they grab some real text, say from a news site? There's an endless supply of new, proper text out there.
...and some of them have been using some of it. That is not a new idea. Spam with "normal text" filler "stolen" from various sources has existed for a while. The problem with this typeof thing is that to hide the extra text (so it does not interfere with the desired message) they have to put ti in a really small font and/or make the font colour (very close to) the message background. (Of course, if you use a text-only MUA you will either see nothing (because the spam contains no text/plain component) or the gibberish or stolen text. In theory the existence of the HTML markup to perform either of the "hiding" tricks should quickly gain high spam-specificity value... Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- spam with anti-bayesian parts vogt (Jan 12)
- Re: spam with anti-bayesian parts Paul Farrow (Jan 12)
- Re: spam with anti-bayesian parts José María Mateos (Jan 12)
- Re: spam with anti-bayesian parts Suresh Ponnusami (Jan 12)
- RE: spam with anti-bayesian parts Bojan Zdrnja (Jan 12)
- Re: spam with anti-bayesian parts Gismo C. (Jan 12)
- Re: spam with anti-bayesian parts Nick FitzGerald (Jan 12)
- Re: spam with anti-bayesian parts Jonathan A. Zdziarski (Jan 12)
- <Possible follow-ups>
- Re: spam with anti-bayesian parts Feher Tamas (Jan 12)
- Re: spam with anti-bayesian parts Paul Farrow (Jan 12)