Spam in images

Eric Wood eric at interplas.com
Wed Sep 6 16:51:04 CEST 2006 

From: "Tom Anderson"
> Your assumption that, "Legit corporate email grabs all the images from
> the web", is false.  I have received more and more email with inline
> pictures.

Examples?

> I usually advise sending multipart emails with
> both text and html portions, but some companies prefer only to create an
> html version and many customers don't set their email client to display
> text emails first... they set it to display html emails, but keep the
> images off.

I go around to many companies to work on their systems and I have yet to 
meet a person that turned images off because they were concerned about 
privacy.  Average users don't play on/off games with their email client, 
they just want to see the email whereever it comes from and go home at 5:00 
o'clock.

> So, the only recourse is for businesses to start including
> graphics in their emails if they hope to communicate their message
> before it gets deleted.  Thus, putting bounds on the size of the email
> or identifying inline images will become less and less effective as a
> spam prevention measure.

Seems like a bunch of people disagree with your recomendation:
Tigerdirect, Surplus Computers, BellSouth, Ebay, Office Depot/Max, Techmags, 
Paypal and many other html emails I just scrolled through in my inbox all 
reference (pull) images from their corporate webservers.   There may be one 
oddball company sending me some inline images in there somewhere.....  And 
like I said, it's usually people inlining their signature pictures or 
corporate logos that could be a future problem if their email client does 
"cids:" with a @. notion.

> I don't see that this class of spams is  particularly effective.

Nor do I.

> Nor do they warrant any special treatment.  Just train on errors.

Ahem.... but you are doing special treatment!  You had to run it through a 
perl fork (stripsearch).

I'm just saying my "special treatment" is to look at cid: syntax and yours 
it to grab an ASN and train on that.  I'm just not that advanced yet.

-eric wood
PS.  My procmail rule caught 19 images spam while writing this message.

More information about the Bogofilter mailing list