[ale] Intelligent Spammers
Bob Toxen
transam at verysecurelinux.com
Thu Oct 26 13:33:06 EDT 2006
Yes, the latest trend is for spammers to provide the message in an
image and random words in the text body, both of which are very hard
for software to analyze.
My spam filter uses many levels of filters (about 10) and gets most
of the spam with a low false-positive rate. Some of these filters
are specifically to detect common spammer attempts to defeat less
sophisticated spam filters. Unlike spamassasin, mine does not require
users or SysAdmins to tune it.
Best regards,
Bob Toxen, CTO
Horizon Network Security
"Your expert in Firewalls, Virus and Spam Filters, VPNs, Linux System
Administration, local and remote backup software, Network Monitoring,
and Network Security consulting, in business for 16 years."
http://www.verysecurelinux.com [Network & Linux/Unix Security Consulting]
http://www.realworldlinuxsecurity.com [My 5* book: "Real World Linux Security"]
http://www.verysecurelinux.com/sunset.html [Sunset Computer]
bob at verysecurelinux.com (e-mail)
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke
On Wed, Oct 25, 2006 at 09:51:44AM -0400, Christopher Fowler wrote:
> Lately spamassasin has been failing. I think it is because some of
> these spammers are getting very creative. Some way they know what I do
> and send subject lines with the words that are technical. My guess is
> that they harvest an address from a mailing list. Look at the archives
> and harvest words from the subject list. Use those words to compose a
> subject that makes no sense but will pass the test. I'm getting many
> "Serious Letter. You have to read". So many to the point I may tell
> procmail to send all emails with the subject "*You have to read*" to the
> bit bucket. It might be time to tune spamassassin?
More information about the Ale
mailing list