ietf-asrg
[Top] [All Lists]

RE: [Asrg] How to defeat spam that uses encryption?

2003-03-31 11:08:42
On Mon, 31 Mar 2003, Jason Hihn wrote:

But imagine this in a message:

[javascript]
$cypher_text="dsfjhsjdfhsdfjksdhfskjfhsd.."
function decrypt(key, cypher_text){
/* do description */
document.writeln($plain_text)
}
[/javascript]

[body onload=decrypt("aasc", $cypher_text)]
--- finish ---

That is fascinating.  I read my mail with Pine.

Now all your filters, Bayesian or not, will only work on the actual text
seen between start and finish.

Here's a simple rule:

        IF body contains "javascript THEN bounce.

If that's too draconian, then:

        IF body contains "onload=" THEN bounce.

No filtering will be done of the "message" -
what the user sees.  Furthermore, variable and function names are infinitely
variable, and what is not variable is standard html/js stuff and has
significant legit use.

Not according to me, at least not in e-mail.  My mail filters already
strip HTML from incoming mail.  I can't say for sure, because I never
actually see HTML mail, but I don't believe anyone has ever sent me a
legitimate e-mail with javascript code in it.

If spammers start abusing this, then we'll have the happy result that
more people will start filtering out HTML mail, and we'll go back to
plain-text e-mail. :-)

--
David.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>