[Mimedefang] Image blocking idea
Kevin A. McGrail
kmcgrail at pccc.com
Thu Apr 20 09:27:51 EDT 2006
David is right. I've already seen similar obfuscation where they are taking
advantage of adding (or removing) small amounts of data to the image file.
The end result is the user sees the image fine but the sha1/md5/check sums
are different because places were already doing that.
However, here's a question for all those crazy layout spam's that looks like
"hey wanna buy a duck?
kJdkfjsakdjfaksjd" and then in plain text end up being like hkyJdkwa...
because they are using html to move the letters you shouldn't see. Anyway,
sure most of you know what I'm talking about. The point is, anyone know of
an HTML to image generator that could then be thrown into Martin's ocr
plug-in?
Regards,
KAM
> > Here's an idea for blocking image spam: What about taking the idea of
> > SURBL and DNSRBls and extending it to images. My proposal is to hash
the
> > image and do a DNS query using the hash value and domain hosting the
image
> > RBL.
>
> This is a good idea until spammers start mutating their images.
More information about the MIMEDefang
mailing list