On Sat, Sep 18, 2004 at 10:42:31PM +1000, Laird Breyer wrote:
I don't know. Do you treat header content separately from body
content? Many Bayesian filters read both header and body together,
which gives quite a lot of information. Some treat each part
separately and then combine them. Even a spam with an empty body has
routing information and bogus sender details, which adds up to a few
quality tokens. It really depends.
The Spammers' Compendium
http://www.jgc.org/tsc/
has a list of tricks spammers use to beat bayesian filters.
What is missing what I have seen lately is the use of e.g.
|_)
|_)|_|\/
/
_ ___
| | / (_)___ _____ __________ _
| | / / / __ `/ __ `/ ___/ __ `/
| |/ / / /_/ / /_/ / / / /_/ /
|___/_/\__,_/\__, /_/ \__,_/
/____/
.o.
888
ooo. .oo. .ooooo. oooo oooo ooo 888
`888P"Y88b d88' `88b `88. `88. .8' Y8P
888 888 888 888 `88..]88..8' `8'
888 888 888 888 `888'`888' .o.
o888o o888o `Y8bod8P' `8' `8' Y8P
to beat a bayesian filter.
Also spammers start poisoning headers with lines like:
X-Literature: Once upon a time ...
which they expand for a few lines, just as they add randon words or
literature in the text part of multipart/alternative messages.
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg