Spam in images
Tom Anderson
tanderso at oac-design.com
Wed Sep 6 16:12:06 CEST 2006
Eric Wood wrote:
> I use a more stupid approach and it catches a ton of image spam no matter
> how much "ham" text them wrap around it:
>
> :0 HB
> * < 100000
> * > 30000
> * src=3D\"cid:.*@.*\"
> {
> :0 fwh
> | formail -I"X-Loop: adult-trap GIFAD" -I "Subject: [GIFAD] $SUBJECT"
> :0
> ! spam at intgrp.com
> }
Clever, sure. But like all static rules, it has some shortcomings.
Your assumption that, "Legit corporate email grabs all the images from
the web", is false. I have received more and more email with inline
pictures. I have even recommended the technique to some clients. The
reason is because of privacy issues. Many people turn off image loading
as a security measure to prevent their email client from identifying
them to a remote website and letting spammers know that they opened the
email. As a result, many legitimate emails are turned into a mangled
imageless mess as well. I usually advise sending multipart emails with
both text and html portions, but some companies prefer only to create an
html version and many customers don't set their email client to display
text emails first... they set it to display html emails, but keep the
images off. So, the only recourse is for businesses to start including
graphics in their emails if they hope to communicate their message
before it gets deleted. Thus, putting bounds on the size of the email
or identifying inline images will become less and less effective as a
spam prevention measure.
Anyway, I still don't see the problem with just training on these
emails. I have seen one or two of these get through in the past month
or so, but as soon as I train on it, all future spams of a similar
variety are filtered normally. I don't see that this class of spams is
particularly effective. Nor do they warrant any special treatment.
Just train on errors.
Tom
More information about the Bogofilter
mailing list