Spam in images
Eric Wood
eric at interplas.com
Wed Sep 6 16:51:04 CEST 2006
From: "Tom Anderson"
> Your assumption that, "Legit corporate email grabs all the images from
> the web", is false. I have received more and more email with inline
> pictures.
Examples?
> I usually advise sending multipart emails with
> both text and html portions, but some companies prefer only to create an
> html version and many customers don't set their email client to display
> text emails first... they set it to display html emails, but keep the
> images off.
I go around to many companies to work on their systems and I have yet to
meet a person that turned images off because they were concerned about
privacy. Average users don't play on/off games with their email client,
they just want to see the email whereever it comes from and go home at 5:00
o'clock.
> So, the only recourse is for businesses to start including
> graphics in their emails if they hope to communicate their message
> before it gets deleted. Thus, putting bounds on the size of the email
> or identifying inline images will become less and less effective as a
> spam prevention measure.
Seems like a bunch of people disagree with your recomendation:
Tigerdirect, Surplus Computers, BellSouth, Ebay, Office Depot/Max, Techmags,
Paypal and many other html emails I just scrolled through in my inbox all
reference (pull) images from their corporate webservers. There may be one
oddball company sending me some inline images in there somewhere..... And
like I said, it's usually people inlining their signature pictures or
corporate logos that could be a future problem if their email client does
"cids:" with a @. notion.
> I don't see that this class of spams is particularly effective.
Nor do I.
> Nor do they warrant any special treatment. Just train on errors.
Ahem.... but you are doing special treatment! You had to run it through a
perl fork (stripsearch).
I'm just saying my "special treatment" is to look at cid: syntax and yours
it to grab an ASN and train on that. I'm just not that advanced yet.
-eric wood
PS. My procmail rule caught 19 images spam while writing this message.
More information about the Bogofilter
mailing list