Comments on: E-mail security: detecting spam (II)

By: DominoG

DominoG — Sat, 13 Jan 2007 12:09:34 +0000

But they have a new technique every day.

By: Jorge Santos

Jorge Santos — Tue, 27 Jun 2006 09:27:34 +0000

There’s a new email protocol proposal called EmailXT that solves the current email problems and adds more features to it. It is still a work in progress but a proof-of-concept application already exists.

By: Pete

Pete — Thu, 06 Apr 2006 23:08:11 +0000

Guys, if you actively want to stop the spamming mail servers, google for teergrubing.
You can set up a Teergrube server simply and all it uses is the spammer’s server bandwidth and resources by keeping the spammer’s email server transmissions open for a few hours if they send a large number of emails to you in a short time.
It also ‘encourages’ absent admins to look after their servers to tighten them and prevent open relays.
http://www.iks-jena.de/mitarb/lutz/usenet/teergrube.en.html

By: » E-mail security: detecting spam (V) » Becoming paranoid » Tips about computer security, privacy and staying safe online

Wed, 05 Apr 2006 22:46:31 +0000

[...] We saw some techniques spammers use to try to evade Bayesian spam filters and how the use of this techniques is making spam a bit less effective and, sometimes, even more easy to detect. [...]

By: Jenny

Jenny — Fri, 31 Mar 2006 11:12:36 +0000

I was going through this article how egreetings can be used to send spam. And since the mail is sent out by the greeting card company the actual mail will be sent to your inbox.

By: enemieslist.com: Spam News

enemieslist.com: Spam News — Thu, 30 Mar 2006 18:28:44 +0000

Links Roundup…

E-mail security: detecting spam (II) Spam Code A World’s First Atriks morphs into Advit How Spam Circumvents ‘Image Off’ features In Web Mail Neighborhood watch for phishing launchesBecause Sunbelt apparently thinks the APWG isn’t enough?……

By: Ashok

Ashok — Thu, 30 Mar 2006 07:41:57 +0000

If one of the common ways to distribute a spam-run is to use some random insecure desktop machine, isn’t it just a matter of time before the padding they use is derived from real threads the user of that machine has participated in? Hell, you could even make it look like a plausible conversation some of the time.

By: James Heinrich

James Heinrich — Thu, 30 Mar 2006 02:22:37 +0000

I ended up writing my own PHP-based mail filter (http://phpop3clean.sf.net) to catch all the above-mentioned techniques (and more). Writing my own gave me the flexibility to adapt to the latest filter-evasion techniques (almost) as fast as spammers come up with them. The latest almost-impossible-to-filter technique spammers use is image spam (spam message as an image) with randomized pixels throughout the image (generate spam message, but randomize 10 pixels of the image for each recipient the spam is sent to).

By: justin

justin — Thu, 30 Mar 2006 02:16:18 +0000

@ z (comment number 7)

Creating email postage isn’t a solution.

The amount people are willing to pay for postage (you suggested 0.10 USD) multiplied by the number recipients the spammer is trying to send to, creates that additional cost. But that cost is covered by the few people who buy through the spammer’s website. So while not as lucrative as before, it is still a profit.

If you want to see an example of companies sending spam with postage, go outside and check your snail-mailbox.

By: madelman

madelman — Wed, 29 Mar 2006 23:44:28 +0000

Hey, tahnks everyone for your comments. You have given me a lot of good ideas for the next posts.

Expect some more posts about evasion of the filters and different techniques for classifying spam.