[Mimedefang] Re: HTML e-mail is unspeakably evil (was Re: [Mimedefang] Considering an additional spam filter)
Joseph Brennan
brennan at columbia.edu
Tue May 27 09:15:01 EDT 2003
David Skoll noted,
> HTML mail is unspeakably evil, and simple-minded solutions will not
> work. Consider:
>
> As seen on Op<noframes>pression is contrary to the To</noframes>rah...
And I tend to agree. This is like the early days of spam header
forgery a few years back, when it was easy to reject mail for
stupid errors. Remember the one that had timezone "-0700 EST"?
This junk will be done better and better.
Reject all html mail? Maybe. It has its proponents although
personally I could live happily without it.
The purpose of the obfuscation seems to be the same as pointless
base64 encoding: to foil very simple checks for words in text.
But SA routinely strips tags before matching. Ironically it is
the obfuscation itself that calls out this stuff as spammy. Some
of it doesn't score all that high otherwise.
Anyway the essential point is to put tags inside words with
no spaces around them. Thus
As seen on Op<noframes>pression
is more suspicious than
As seen on Op <noframes> pression
But spaces look small in many fonts, and if putting them in
makes the spam pass, they'll do it before long. Spamware has
a natural cycle. We hardly see "To: friend at public.com" any more.
Joseph Brennan Columbia University in the City of New York
postmaster at columbia.edu Academic Technologies Group
More information about the MIMEDefang
mailing list