[Mimedefang] Slightly OT: Knowing the Spammers tools
Ian Mitchell
trash at aftermagic.com
Wed Feb 23 09:49:33 EST 2005
Evil Bastigiges! These products are the reason why setting up an open
relay is not only dumb but dangerous and why blind gateways that auto
forward error messages can also be just as dangerous. Finally! The idiots
responsible for filling my firewall logs...
And thank you much for NOT cold-calling us ;)
As for the notes of different ways to fool tools like spamassassin and
mimedefang, any form of greek HTML and fumbled Base64 encoding that
represents itself as the content of the message should be suspect, and I
would figure it's only a matter of time before those techniques become
flags in SpamAssassin on their own. The only way to reliably send spam all
the time without the worry of various emails getting flagged by what ever
open or closed products on the market is to send the message to specific
recipients that ask for it, and to type it in plain english text with no
attachments and no offer to sell you anything. But then again, I guess
that's not very effective for use of commercial interests. hmm...
You know, I'd be curious how the purveyers of this software would stand if
challanged by the legal issues we raised a few weeks ago. Wonder if the
folks at www.sueaspammer.com have heard of that site? Now that would be
interesting... www.sueaspammerssupplier.com
> From: "David F. Skoll" <dfs at roaringpenguin.com>
> Subject: Re: [Mimedefang] Slightly OT: Knowing the Spammers tools
>
> On Wed, 23 Feb 2005, Matt Smith wrote:
>
>> Was just forwarded this link by an anti-spam product cold caller:
>> http://www.send-safe.com/screenshots.php
>
> Was the cold-caller trying to put down SpamAssassin and/or anti-spam
> products that are relatively open? :-)
>
> send-safe.com can only evaluate static SpamAssassin rules. It can't
> reliably evaluate RBL rules, SURBL rules, Bayes rules, etc. And it
> obviously can't do anything about non-content-based countermeasures
> like greylisting, SPF scoring or Sendmail's new "greet_pause" feature.
> So it doesn't actually help spammers all that much.
>
> It does provide good fodder for anti-spam companies that claim to
> "work better" because they don't tell anyone how their product works.
>
> Regards,
>
> David.
>
> P.S. If you want commercial anti-spam software, we'd be happy to cold-call
> you. :-)
>
More information about the MIMEDefang
mailing list