ietf-mta-filters

GTUBE/Re: Quizzic: Spam equivalent to EICAR test virus proposal.

2003-07-02 08:20:43

Bart Schaefer wrote:

Just for comparison:

SpamAssassin defines what's called the Generic Test for Unsolicited Bulk
Email (GTUBE).  It's defined as a string matching the regular expression

XJS\*C4JDBQADN1\.NSBN3\*2IDNEN\*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL\*C\.34X

appearing anywhere in the message body, after decoding and HTML rendering.

(I write the regular expression rather than the string itself so that any
of you running spamassassin won't score this message at 1000 points.)

Thanks! So a start has been made.
http://spamassassin.planetmirror.com/dist/t/data/spam/gtube.eml - a sample.

Matt Sergeant of SpamAssassin posted very relevantly to the ASRG about GTUBE in March:
https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg01527.html+gtube

There were a couple replies that are meritless from Vernon Schryver and Kee Hinckley. A valid complaint was: what about antispam systems that aren't content filters?

Enhancement to my scheme to more fully address it:
A pseudo-open relay could be established (run by who?) that would (attempt to) relay only Quizzic-compliant messages. It would be listed in all blacklists. The From would be specified to be that of a specified domain, which would go in all domain-based blacklists. (anything(_at_)ADVQZWK(_dot_)com, as previously suggested). It would not 2xx OK the SMTP DATA command, but rather send a 4xx/5xx error (the same one it encountered) if the attempt to relay failed.

Matt posted this helpful reply:
https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg01625.html
not realizing that there was a solution to his item 1 w/o spoofing.

Sounds like the effort is still needed and the need is there.
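
An added example, not part of the original message or of SpamAssassin's code: a filter self-test for the "after decoding" condition quoted above, showing that a scan of the raw wire bytes misses a base64-encoded body while a scan of the decoded text parts finds it. The function names and sample addresses are assumptions made for illustration, the sample messages are constructed, and HTML rendering is not covered.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Regular expression exactly as quoted in the message above.
GTUBE_RE = re.compile(
    r"XJS\*C4JDBQADN1\.NSBN3\*2IDNEN\*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL\*C\.34X"
)

def gtube_literal() -> str:
    """Derive the test string from the pattern so it never appears verbatim."""
    return GTUBE_RE.pattern.replace("\\", "")

def raw_scan(raw: bytes) -> bool:
    """Naive check: search the undecoded wire bytes."""
    return GTUBE_RE.search(raw.decode("ascii", "replace")) is not None

def decoded_scan(raw: bytes) -> bool:
    """Search each text part after undoing its Content-Transfer-Encoding."""
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        try:
            text = part.get_content()
        except LookupError:
            # Unknown charset label: fall back to a lossless byte mapping.
            text = part.get_payload(decode=True).decode("latin-1")
        if GTUBE_RE.search(text):
            return True
    return False

def build_sample(cte: str) -> bytes:
    """Constructed sample message carrying the test string in its body."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"      # placeholder address
    msg["To"] = "rcpt@example.com"          # placeholder address
    msg["Subject"] = "constructed GTUBE sample"
    msg.set_content("Test line follows.\n" + gtube_literal() + "\n", cte=cte)
    return msg.as_bytes()

if __name__ == "__main__":
    for cte in ("7bit", "base64"):
        sample = build_sample(cte)
        print(cte, "raw:", raw_scan(sample), "decoded:", decoded_scan(sample))
```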