ietf-asrg
[Top] [All Lists]

[Asrg] How to defeat spam that uses encryption?

2003-03-31 08:51:31
If I were a spammer (I am not) I'd start encrypting messages to throw off
content filtering. Public keys are easily obtainable and are readily
associated with good email addresses.

Also, but not quite as complex:
A few years ago, I 'invented*' a way to encode a whole web page as a long
string. This string is a variable in JavaScript. When it's opened, a
function is applied to the string where it's decoded contents are written to
the browser. Imagine a simple ROT13 decoder. What's more is Bayesian
filtering would fail because the spammer can invent pads, and ROT bases,
thereby inventing new 'words' in the dictionary all the time.

Just a thought of what's to come...

* I probably wasn't the first, but I never found anything like it elsewhere
on the web at the time I did it. Originally it was to hide content from
hosting services (or browsers, a la secret key pad entered into a form or
JavaScript prompt.)- they'd actually have to view it in a JS enabled
browser. 'Grep'ing the file wouldn't work.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg