Armoring Spam Against Anti-Spam Filters 511
moggyf points to a BBC article about how spam can be successfully tweaked to slip past current filtering methods, excerpting "To finding out how to beat the filters Mr Graham-Cumming sent himself the same message 10,000 times but to each one added a fixed number of random words. When a message got through he trained an 'evil' filter that helped to tune the perfect collection of additional words."
iluvspam adds "It's an interview with POPFile author John Graham-Cumming that summarizes his talk at the recent MIT Spam Conference. You can still listen to the technical details here (choose the Afternoon 1 session, he starts about 75 minutes in)."
infinite monkeys (Score:5, Funny)
Re:infinite monkeys (Score:5, Funny)
Re:infinite monkeys (Score:5, Funny)
In my day we didn't have monkeys. We had to filter spam by hand. And we liked it!
You kids and your infinite monkeys... Shakespear wouldn't have used monkeys were he alive today. He would have rolled up his sleaves and written hamlet the right way!
Damn kids..
Re:infinite monkeys (Score:5, Funny)
Re:infinite monkeys (Score:5, Funny)
We were so poor we had to eat spam.
Re:infinite monkeys (Score:4, Funny)
Ah we're such fun loving people. How come none of us have girlfriends?
Re:infinite monkeys (Score:5, Funny)
Re:infinite monkeys (Score:3, Funny)
You maniacs! Goddamn you all to hell!
mitch
Re:infinite monkeys (Score:3, Funny)
Re:infinite monkeys (Score:3, Funny)
Re:infinite monkeys (Score:3, Funny)
The saddest thing is that quoting the values of html attributes isn't required by the standard.
Re:infinite monkeys (Score:3, Informative)
However, if you choose the current (dated 26 January 2000) W3C XHTML recommendations then yes, the quotes are required [w3.org].
Re:infinite monkeys (Score:3, Funny)
Yeah, he would have had Christopher Marlowe or Bacon write it for him!
Re:infinite monkeys (Score:3, Funny)
Re:infinite monkeys (Score:5, Insightful)
First, if the spammer sends thousands of copies of the same message and just changes the "extra words" that he is testing, it will take very little time for Bayesian to adapt to the rest of the message. Suddenly, the rest of the message that previously contained non-spammy words will be considered very spammy and will overwhelm the "extra words" that each message contains. Each time the message is caught as spam, the probability that any future tests get through--regardless of the "extra words"--will be reduced even further.
Second, as the article said, it's a lot of work on the part of the spammer. They'd have to send out thousands of messages to each target to "sniff them out" and most of those wouldn't even be effective since most of them would be caught by filters and those few that got through very few would load the HTML bugs to identify themselves.
Finally, it assumes that those that are using Bayesian filters are filtering their email but leaving their security (inasmuch as HTML bugs) wide open. While there may be some people that use Bayesian and leave HTML bugs active, it has to be a small minority.
In short, it seems to me they've "found" a way to get around Bayesian that won't work, so to speak. I just don't see the problem.... ??
Re:infinite monkeys (Score:5, Insightful)
This is exactly the point. Most of the spam examples will die out because they have an ineffective collection of non spam words. But a few will survive and you now can train an own Bayesian filter which collects the versions of spam that generated webbug hits. After a while some words will shine prominently in your Bayesian filter database for being very effective at slipping through Bayesian spam filters.
Basicly you a fighting the dote with itself. And yes. You can automate the process. Just take your everyday spam (penis enlargement, unsecured credit, Nigerian business opportunities...), take a dictionary and then randomly mix dictionary words into your spam messages and send them out to your email database. Create a website to get the webbug hits and associate every spam message with a hash of the random dictionary words to identify successful sets of anti spam words.
Re:infinite monkeys (Score:3, Funny)
$50,000 gets you the whole 300,000 message Bayesian database.
lindsayleeds _at_ comcast.net
Pay up spammers.
I agree, there is no problem. (Score:5, Informative)
He could have saved himself a lot of time and trouble and just looked in that file.
And that file will be different for EVERY installation. So the words he found ("Berkshire", "Marriott", "wireless", "touch" and "comment") would NOT get spam past MY filter.
So, the spammers have to keep (and update) a word list for EVERY PERSON on their lists.
Which means that, with an incredible amount of effort, the spammers will be able to get spam to the people least likely to purchase a product from a spammer.
There is no problem.
Re:I agree, there is no problem. (Score:5, Interesting)
That's one of the strengths of pushing bayesian filtering to as close to the final recipient as possible. Millions of customized bayesian scoring databases are much more difficult to defeat then a single centralized database. Bayesian databases are pretty much maintenance free, as long as the junk/not-junk/might-be user-interface is intuitive and makes life as easy for the user as possible.
There is some value in putting the bayesian filtering at a workgroup level, where it helps that there's a bit of shared knowledge and everyone in the group pretty much agrees on their personal definition of what is/isn't spam. However, once you get past around 10-25 people, I'd say that bayesian is going to start becoming ineffective due to either over-zealous users, or overly-broad ham/spam classifications.
What I'd be interested in is a bayesian that works both on the individual level and the workgroup level. With some sort of flag/switch/setting that tells the engine how much to consider the workgroup database as opposed to my personal database. This would be useful when adding a new member to the group, initially they'd rely heavily on the groups opinion as to what is ham/spam, but as time goes on it would adapt to their choices (as well as the group database slowly adapting to everyone elses).
Meanwhile, this guy is screwed. (Score:3, Funny)
Never mind that his last name is "Cumming".
Re:infinite monkeys (Score:4, Insightful)
Bayesian filters rely on words. That means it is dependent upon word breaks and certain spellings. Well, spammers have been avoiding word breaks (either by removing spaces or introducing unnecessary ones) and obvious "spam words" by mangling the word or introducing "1337"-type spelling.
And Bayesian filters can't parse graphics, so a lot of spammers are careful to put words likely to trigger spam filters into graphics.
BTW, this article [brain-terminal.com] explains why there will never be a filtering-based solution to solving spam until SMTP itself is made more secure.
Re:infinite monkeys (Score:5, Informative)
Nope, because my Bayesian filter works just as well for 0bfu5c4t3d words as it does for properly spelled ones. They are all just sequences of letters, and anything that is deliberately misspelled is going to become identified as spammy very quickly.
Or why you're getting so much spam where the text content is contained primarily in images rather than plaintext?
Nope, because I have images turned off by default in my mail viewer. If a stranger wants me to read his email, he'll need to send it as plain text, because (as you point out) HTML email with images is used as a spam vector and little else.
BTW, this article explains why there will never be a filtering-based solution to solving spam until SMTP itself is made more secure.
Funny, my Bayesian filter is working fine at this very moment. Who should I believe, your article or my own eyes?
Jeremy
Re:infinite monkeys (Score:3, Informative)
The problem with obfuscated words is that there is a pretty sizable set of permutations for any given word. If one obfuscated variant ends up in your spam word list, that doesn't take care of the thousands of other obfuscated versions of the exact same word.
combat the flaw? how? (Score:2)
But how do you combat someone that essentially has your "ham"?
Re:combat the flaw? how? (Score:2, Insightful)
Although it may be difficult to discover where the spam came originated, it's pretty clear where it wants you to go (probably the person who commisioned the spam in the first place.)
Re:combat the flaw? how? (Score:3, Insightful)
You are starting with a heretical premise that government, or rather, the large corporations which pull the strings, have the same objective as the end user (the end of spam). Of course, it could be stopped (by cracking down hard on those contracting the spammers). But it is much more useful for them if the "war on spam" goes on and on, while the measures with side-effects (on your wallet, your freedom and your privacy) are gradua
Discovering Keyword (Score:2)
"The actual words it found were a total surprise," said Mr Graham-Cumming.
The list included words such as "Berkshire", "Marriott", "wireless", "touch" and "comment". Including just one of these words convinced Mr Graham-Cumming's real spam filter that a message w
"and can be combated." (Score:2)
Re:"and can be combated." (Score:5, Funny)
1. Find spammer
2. Kill spammer
3. Become hero of the interweb
4. Write book from prison
5. ???
6. Profit!
Your question is exactly why the death penalty belongs on the street, not in prison.
Re:Discovering Keyword Demographics (Score:4, Interesting)
The keywords would be different for each person.
But I suppose you could discover a select set of keywords for specific demographics, if you defined them very precisely. This would move spam out of the normal "spew it everywhere" phase, where they would have to pay for real marketing data.
Which sort of misses the point of free advertising in the first point, at least for the small guy. Of course, the big boys can pay for this sort of thing.
Re:combat the flaw? how? (Score:3, Insightful)
Ok fuck it (Score:5, Funny)
Screw these filters and shit. Start creaming spammers worldwide and they'll think twice about it.
Tom
Re:Ok fuck it (Score:3, Informative)
But you might've wanted to add a smiley...
Re:Ok fuck it (Score:3, Interesting)
He hasn't, actually -- those laws don't apply extraterritorially, and Tom's in Canada.
Re:Ok fuck it (Score:5, Funny)
Re:Ok fuck it (Score:3, Interesting)
At a minimum, he would be arrested if he came to the states. However, if someone actually went through with the crime, I'm sure Canada would be willing to extradite him. Canada doesn't want maniacs running around free, anymore than the US does.
Re:Ok fuck it (Score:3, Interesting)
Re:Ok fuck it (Score:3, Interesting)
In all liklihood the judge would declare a mistrial. I'm not familiar (we weren't told) with the judge's powers over a jury and what laws apply to jury conduct. It might be possible for the judge to declare the jury in contempt for disregarding the judge's instructions on how the law(s) are to be applied.
It's not l
Re:Ok fuck it (Score:5, Funny)
That assumes that beating the shit out of a SPAMmer is a "maniacal" act. I would argue that it is a perfectly rational course of action, and indeed a public service.
Canada's Finlandization by the US might compell it to hand the guy over anyway, but certainly not for fear of having maniacs run loose (unless you count our troups poised on their border to enforce US Political Correctness Bush Style abroad).
[ Disclaimer required by Our Surveillence State: the preceding was a joke (c.f. humor). ]
Re:Ok fuck it (Score:5, Insightful)
The solicitation was made on a server located in the US. I don't doubt that Ashcroft would consider that US jurisdiction, regardless of the physical location of the poster.
There's a lot of guys in dog cages at Guantanomo Bay who've NEVER been to the US. I'm not so sure these days that when the US governemnt is pissed off at you, where you are and where you did something matter a whole lot.
Re:Ok fuck it (Score:4, Funny)
Re:Ok fuck it (Score:3, Funny)
Dear Slashdot,
I am seeking volunteers to join me in a business oppurtunity which has recently come to my attention. Please volunteer if you meet the following three qualifications:
1) Willing to send 1 spam email.
2) Willing to have ass beaten.
3) Want $250.
If you said yes to all three of the above, please contact me.
P.S. For those who consider #1 to be unethical, consider #2 your punishment.
How about something a little more legal? (Score:3, Interesting)
How about putting that $1K towards a legal use and offer it as a bounty to anybody who tracks down a spammer, sues him, and gets him thrown in jail and/or bankrupts him (via court imposed fines)? It may not have the same immediate satisfaction that you were originally seeking, but it's far more legal and I think you could find plenty of people here on Slashdot
Re:Ok fuck it (Score:3, Interesting)
[sarcasm]Yeah, let's just trust the government to take care of every aspect of our lives and never go against anything it says.[/sarcasm]
Saying something's "vigilante justice" doesn't automatically make it bad. In order to make that conclusion, you have
Obligatory POPFile Link (Score:5, Interesting)
Re:Obligatory POPFile Link (Score:3, Informative)
Re:Obligatory POPFile Link (Score:4, Informative)
Personally I prefer SpamBayes (Score:3, Interesting)
In particular, I like their "unsure" categorization. All the "false positives" go in there, and cleaning that one folder out regularly is easy.
Re:Obligatory POPFile Link (Score:3, Informative)
That's dedication... :( (Score:3, Insightful)
Re:That's dedication... :( (Score:4, Insightful)
As you alluded to, it'd be easier to teach fish to fly. The internet essentially carries with it a stupid-user tax. Worms, virii, spam, et al are the by-products of stupidity, but as with most taxes, it just something that you have to deal with.
Re:That's dedication... :( (Score:4, Interesting)
Aren't we the ones our friend(s) and co-workers ask about computer stuff?
I have taken this a step further and contacted a few "computer journalists" locally and suggested that they make the spam/virus connection the next time they are writing about the latest virus. It's natural to answer the question 'where do these virusses come from' when talking about the latest scource of the internet.
Y'all are going to hate this, but... (Score:4, Insightful)
It is silly to assume that all these people are just morons. After all, Viagra is proven to work, it is a legitimate product of sorts. The internet is there for hefty short limp (ahem ahem) non-digerati as well as for propeller heads, God bless 'em.
It seems to me that spam is the runaway bastard-child of something which actually is good and useful -- that is, targeted marketing to the willing. Don't throw out the baby with the bathwater. There is a huge legitimate market out there, just begging to be flee^wmarketed.
The anti-spam people are fighting against the Invisible Hand. Good luck.
Re:That's dedication... :( (Score:5, Informative)
There's a cunning recursiveness to this which is at that fine line between clever and stupid. The difficulty is, as he also deduces, that each person's Bayesian rules for spam vs. nonspam are unique and will require many attempt in order to infer the pass-through words that will create a false negative and allow the spam to come through. The one step that people are missing is that if the evil spammer wishes to work on spamming a domain (both in the internet sense and in the "domain of expertise/specialization" sense) she can tailor the pass through words to the market. If she's sending spam to Intel or AMD corporate addresses, then lithography might be the magic word; if she's spamming Xilinx, the fpga will route through the Bayesian filter; if she's spamming Dave Barry, then debenture and fish falling from the sky might help spam make it through, Natalie may or may not make it through a
The counterattack from the corportate mail-server will be to look for these similarly unique messages being sent to multiple users.
Tch tch... (Score:5, Insightful)
"Make it idiot-proof, and someone will make a better idiot"
Re:Tch tch... (Score:3, Interesting)
Just that certain technical protections are of the nature that it's not a "I try some random protection, the idiots an
The only way (Score:4, Informative)
Re:The only way (Score:5, Funny)
Re:The only way (Score:5, Funny)
Ummm.... then what good is it?
Do you just e-mail yourself?
Great (Score:3, Interesting)
I don't mind him trying to defeat the filters, if it comes up with a method of improving them, but the BBC should be shot for including the words that made it through
Guess which words all tomorrows SPAM will contain...
Re:Great (Score:5, Funny)
Only if you're the author. (Score:4, Insightful)
In the article, it points out those words listed are good for getting past his filter. If you don't normally have mail that uses those words, then your filter will still catch it as spam.
Now, if you do deal with the Berkshire Marriott frequently, asking them for comments on your wireless setup, then yes you're up the creek.
Re:Great (Score:2)
Here's a sneaky one... (Score:5, Interesting)
Re:Here's a sneaky one... (Score:3, Interesting)
Re:Here's a sneaky one... (Score:2, Interesting)
Re:Here's a sneaky one... (Score:5, Informative)
That's an overly strong statement to make, and even a little bit irritating to people like myself who actually implement statistical content filters, natural language systems, etc.
If you are equating "content based filtering" to "Bayesian filtering" then you really only understand 1% of the current state of document classification. Bayesian filtering is a rage right now because it's a linear time algorithm (i.e., implementable on PC hardware). There are document classification schemes that will eat Bayesian for lunch, which are not appropriate for email filtering at this time because of their computational cost. But with continual progress on the algorithms, new methods for reducing search spaces via extremely clever sense-similarity heuristics, and with computers doubling in speed every 18 months, it's closer than you think.
The spam/ham problem is what data mining researchers would call a "toy problem." You want us to classify documents into only two classifications? Only two? Piece of cake. The problem is, you want us to do it on PC hardware where it isn't feasible to run O(n^2) or O(n^3) machine learning algorithms.
Let the researchers continue what they're doing. People are just now starting to apply SVMs and other cool techniques to the problem of spam filtering. You'd be amazed at how many of the well-known data mining and statistical NLP researchers have not even thought of using their arsenal against spam.
It's coming, please be patient.
Re:Here's a sneaky one... (Score:4, Insightful)
I think you overestimate the intelligence of these creeps. The fact that spammers are using more and more of these garbage terms, randomizers, and other hacks to get around the filters actually encourages me -- it demonstrates that they really don't have the slightest clue how statistical content based filtering actually works. Currently, they are taking advantage of the extremely bad decision to assign a 0.4 score to unknown words. The spammers are exploiting a crack in the armor, which means the armor needs to be fixed.
A human can filter spam. A spammer can't weasel his way around human intelligence, so this sets an upper bound on how advanced the spammer techniques can get. All we have to do is get document classification up to the point of competitiveness with human performance, and the problem is solved. And research into these directions isn't wasted, because the motivation for the research is for actual important document organization tasks. The effect of stomping out spam will be a cool side effect.
If a spammer was ever actually intelligent enough to get around serious, well-constructed classifiers, I highly doubt he would be in the business of spamming. To suggest that spammers could intellectually compete with people whose have spent years specializing in statistical language processing is a tad bit ridiculous.
At some point, to sell something, the spammer has to say something intelligible which is an advertisement. They can't hide this. Techniques which are foiled by bogus terms at the bottom of the email are broken. It's not a valid reason to believe that spammers are actually getting smart.
If there was any way of filtering these... (Score:2)
Mainstream Media Coverage (Score:3, Interesting)
Typlically they include a large image at the top which is the entire intended content of the image and then a bunch of dictionary words at the bottom. It's basically impossible to filter these out unless you filter out ALL HTML e-mail because they don't contain any typical spam text.
my spam filter (Score:5, Insightful)
It works a treat
The other trick I have found useful is the CamelCase nature of my name - spammers tend to mail me either as skarcher or SKARCHER, and both trip filters on my mailbox.
Outlook 2003's non-Bayesian junk filter (Score:2, Informative)
He'd have an easier time avoiding filters... (Score:3, Funny)
One word: WHITELIST. (Score:2, Informative)
I still say spamming needs to be a felony, though.
Re:One word: WHITELIST. (Score:3, Interesting)
Headline tone (Score:5, Funny)
That description sounds too noble for an activity like this. More appropriate headlines would be Making Spam Slick as Owlshit or Infusing Spam with Satanic Strength.
Educate the people (Score:2, Interesting)
Nothing to worry about. (Score:4, Informative)
He had to send himself thousands of copies of the same message each one holding an encoded chunk of HTML that reported back to him when it got past the filter.
The concept is that the spammer has to find words that are so common in a person's ham that including them in spam would fool the filter. However, as those words are unique to each person, a lot (thousands or more) of spam must be sent to test the filter. The problem for the spammer is to figure out which spam actually got through (in order to identify the important words) - something s/he's not able to do for users with a decent email client...
I still feel quite confident that SpamBayes will keep my inbox free from spam.
Why bother? (Score:2, Interesting)
Not a problem with proper training (Score:2)
No problem. Just drag that sucker into the spam folder and the next hourly cron job learns about it. I've never seen it miss a repeat spam and false positives are extremely rare.
how NOT to get SPAM 101 (Score:4, Insightful)
2. don't use free email services hotmail etc.
3. don't use AOL
4. don't let anyone have your address that forwards messages like "cute bunny pic" or "funny anti-geek joke" etc.
5. don't post your email anywhere.
6. don't sign up for majordomo lists.
How NOT to get SPAM 201 - a more practical guide (Score:5, Insightful)
- 1) Register a domain (come on, they're cheap now)
- 2) Get an email address from your ISP or other provider (yahoo, fastmail.fm etc) that is complex and convoluted - no names or words
- 3) set up mail redirection with Zoneedit, redirection.net etc. with a catchall to your new mailbox.
- 4) Use a different email address every time you must sign up for anything (ie amazon.com@newdomain.com)
- 5) Filter on sent to headers at first sign of compromised id, or if the volume for a particular id gets too heavy and you're tired of client side filtering, set a specific redirection for it to sample@sample.com (do a whois on sample.com if you're curious).
- 6) Enjoy the same spam free mailbox I've had for 2 years...
Also helpful is to change your reply-to address every few months and give your friends different addresses based on how clueful they areLine Noise (Score:5, Informative)
A previous story [slashdot.org] talked about the noise level of spam increasing.
And a very entertaining NYT article [com.com] that is in the process of expiring.
The upshot is that spam is being forced to look more and more like line noise. It will probably become less and less effective as the message has to submerge to the point where people can't recognize it.
Duh (Score:5, Informative)
What matters is that while one person's spam might be very similar to another person's spam, their ham isn't. At best, it would require a semi-personal approach to sneak in spam. That's why you need to continually train your filter in the first place. Rinse and repeat, that's what it's all about.
What's being described is not really a flaw, but rather a saturation point at which it's time to retrain your filter and perhaps even start over with a new database. The old one gets too much 'noise' after some time.
They do point out one thing, be it from the spammers POV: Bayesian filtering is a continuous process and not and end to all solution. It requires fresh input and gets less effective if you keep old crud around for too long and if you train it too much on virtually the same spam/ham.
It's still a much better solution than blacklists.
Re; Phase matched noise - invert and cancel (Score:3, Interesting)
Apply this to a mail server. Hold all mail for about 5 minutes (from outside only). Compare them all. Look for matches of more than 50%. Cancel the matches out and filter the incomming for the same. This nails lots of the worms and spam by rejecting the common mode noise. Most spammers create a message and ma
Sigh. It's depressingly predictable (Score:4, Interesting)
The question should be: how do we live in a world where 99.9(n)% of email is spam? When the virus writers and zombie masters and spysters start using their communications infrastructure for its intended goal of delivering advertising?
It's inevitable, and no amount of spam filtering will avoid it.
Here's a prediction I made maybe 6 months ago on Slashdot: we're going to start seeing viruses that modify real outgoing emails to include their advertising messages. (And no Outlook jokes, thanks...) How does one filter spam when real emails are also infected?
Let them do so and beat them where it hurts... (Score:3, Interesting)
What is more, if you multiply Bayesian or "word list" spam scores with results obtained with other methods, spammers may put "non-spammy" words into their spams as they like, but they only score their crap up instead of down.
Nowhere near as effective as my attack (Score:4, Interesting)
It even counters the "personalization" quality of Bayes filters by finding the "common core" of personalization that we all share.
Fortunately, spammers continue to be too stupid to understand this attack. Last time I posted this on Slashdot I got joe jobbed [jerf.org], because apparently it's easier to do that then to actually figure out what I was talking about.
In summary, I wouldn't worry about your Bayes filters for a while: While they are attackable, spammers are too stupid to understand the attacks. (My article has been posted for over a year.) Thank goodness, sort of. (This will eventually be a temporary situation... but I see no particular evidence that the breakthrough will happen anytime soon.)
Really don't understand it. (Score:5, Insightful)
When I'm going through the webmail access to my spam-bait accounts (the ones that are listed on my websites that I don't bother retrieving with my POP email client anymore because of hundreds of spams a day to each), if I'm fooled into opening one up, most likely because of it having a subject header that might be someone legitimate, the moment I see that the message body says anything spammy I immediately click the Delete button. I imagine everyone else in the world is doing the same thing.
It's gotten to the point where the preoccupation of spamming is just to get past filters, the result of which is that the message is grumblingly deleted by the irritated recipient. Who out there is saying, "Oh, look, this message got past all my spam filters and contains a lot of jumbled, garbled nonsense text alongside a plug for herbal penis enlarging pills. This must be legitimate. Now, where's my credit card,"? Do the spammers think that we're all clones of Dilbert's pointy-haired manager?
Spamming is not only irritating, it's pointless. Who is paying these people to spam us? Are people actually buying penis enlarging pills and patches, herbal viagra, mortgage refinancing, credit repair kits, or any of that stuff? Enough to put millions of dollars a month into the hands of career spammers?
I'm hopelessly at sea in this matter.
Re:Really don't understand it. (Score:3, Insightful)
Obviously, if an individual has gone to some trouble to set up spam filters, then she doesn't want to be bothered and the spam is pointless. However, the vast bulk of these filters are set up by the ISPs, and there's some value to the spammer to get through them to the idiot on the other side who apparently might actually
Re:Really don't understand it. (Score:3, Funny)
Re:Really don't understand it. (Score:3, Funny)
SHH!! If people paying for these things start looking carefully to see if they actually get a return on their investment, all sort of lunacy may follow:
- Companies may start asking: Let's see, I spend $1
Re:Really don't understand it. (Score:5, Funny)
Fortunately, this story has a happy ending! As I wrote this message, some polite people in West Africa contacted me and I think they are going to get me out of this financial mess.
I don't see how this is necessarily a problem (Score:3, Insightful)
I am building my own (Score:3, Interesting)
Just the other day I found one spam that used a white font to put in legitamate-sounding text that would not visually show up on the screen. The spam text was a mix of graphics and pieces of real text. Thus, the word "penis" might start out with "pen" and end with a graphic for "is". Bayesian might start looking for the word "pen" after a while, but by that time the spammers will have a new trick up their sleeve. For example, if it looks for white fonts, then spammers might start using slightly off-white fonts, or black fonts on a black background. The combinations are probably endless.
Thus, by making my own, my gizmo is not the target of spammers. They don't know about my filter nor care.
The only alternative I can see is filter vendors constantly changing their algorithms every month or so, which would probably get expensive and risky. It is not like virus checking software that mostly just adds to their database and only tweak the algorithm a bit once every few years; it is like having to completely rewrite the virus filtering algorithms, not just the data.
Ultimately, I think some sort of monetary postage system is the only effective solution. ISP and backbone makers will only have an incentive to track down spammers if they lose money on anonymous or forged spammers. This will make mass spamming far less lucrative.
Either that, people will eventually find out the hard way that penis enlargers don't work and stop wanting to refinance their house. (I wonder if I can refinance all those expensive penis enlargers that I bought?)
easily combatable (Score:3, Insightful)
It could then mark it with a spam rating and be combined with spamassassin or such.
plus, wouldn't the spamassassin logic be able to say, "hey, we're getting a lot of non-word stuff - our filters tell us it's spam" and defeat this spam already?
Re:Hmmm... (Score:5, Insightful)
It's a pisser that spammers now have another tool to circumvent filters; on the other hand, the people who write the filters know exactly what a spammer would do to make "better" spam.
The question is: who will implement first?
Re:Hmmm... (Score:5, Informative)
There's a direct analogy with cryptographic techniques where breaking them is most of the work... that way we know that they are secure.
John.
Re:nice name (Score:4, Interesting)
John.
Re:Lets Help Him Out (Score:4, Informative)
Perhaps you didn't read the article: I am not a spammer, I work for a company that makes anti-spam software.
John.