Slashdot Mirror
New Kind of Spam 'Un-Training' Filters?
Zaphod2016 writes to tell us the Wall Street Journal is reporting that email in-boxes are under a new kind of spam attack. This new spam has confused many people due to its lack of advertising, viruses, or request for personal information. One popular theory is that these innocuous blocks of text, often drawn from popular literature, are being used to "un-train" spam filters to allow more malicious spam through in the future.
Wouldn't it work the other way around? I still flag crap like this as spam, so it seems like it'd train my spam filter to have more false positives, no?
---John Holmes...
I've been seeing this stuff for like a year now. Thunderbird somehow manages to be soldier through it with few problems.
there is no need to sign your posts. this isn't usenet. your username is right there above your post. stop it.
I got some with advertising images. Let me guess, you strip images from suspected spam.
Haven't people known this for years now? I thought it was common sense.
-mrxak
Onions Will Kill You
As a hobby, I play around with ways to classify spam. Not much of a hobby, but I find the problem interesting.
Lately, I've also been trying to use my vectorspace engine to classify spam.. so these sorts of things might get in, but only because they fall into the general category of readable text...
I've also been thinking about building a GPL tool to provide "sound-based" classification sort of like a "one second orchestra" playing in harmony/disharmony based on the content.
Regardless of the engine I use, I still have to dig through my trash bin every few days to make sure nothing good slipped through.
meh
It is such animportant element, you see, that duration
of time. I consider twelve hours a substantial measure. So I ran along
the drive and upthe steps and into the house, but did not see either
Mrs. Iobserved:Your Excellency is not easily satisfied. And I marvelled,
and said:How comes it that I have hitherto been deaf to these
distressfultones? Il passe sur la route, mais toujours en sens inverse.
For a mental state such astheirs, appetency rather than instability is
the right word. Which reminds me that the old adage about let us eat and
drink, forto-morrow, etc. Mais odonc est la vie, sinon dans le peuple?
They lamented dismally among themselves in many tongues:How I suffer!
Take that little one on Lzards, for instance;or, in the other volume,
the bizarre Joies Noires.
"Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
Here I was thinking I was telling my boss old stories and making him think they were new, but obviously since the WSJ is just reporting it, I was way ahead of the curve in telling him.
I must be psychic.
God: "I don't leave footprints!"
The
Like I say, it confused me for all of a few seconds then I moved on with my life. I'd be interested to know how many people put up money for products / services they were spammed with.
I've been getting 3 or 4 of these a day for at least a month now. The text can
always be found in some file of an old book provided by the Gutenberg
Project, which is making non-copyright texts available through volunteer
effort.
I think the theory about using this stuff to untrain spam filters is very plausible.
But it's difficult to see how it will work. There's no common text among these
e-mails; in order to send effective spam, there'll have to be at least some text which
is the same across multiple mails, and that will tend to expose it.
It seems to me that, and please prove me wrong, that whatever technique legitimate researchers come up with to stop spam, is quickly outsmarted by independent teams of illegal spammers. Do the spammers have an easier job, or are they just smarter?
Apology to Ubuntu forum.
I still flag them as spam. If I don't know the person or want their information, its spam. No Muss, no fuss. If I didn't personally give them my e-mail address, its spam.
Click Click Bloody Click PANCAKES!
kind of shit. Why the hell do you fucking spammers think that anyone will ever buy from you?
I am SICK of training and retraining and retraining spamassassin for every new tactic you guys get. NO one here is going to buy your shit so knock it off already.
I'd love to switch back to ASSP - - spamassassin just isn't working out for us.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
I've seen these, it was like half of a quote from some popular novel. I was assuming they were doing this to get the spam victim to respond to the email thus adding the spammer to the person's auto-contact list and allowing real spam to get through.
The text block spam is very common WITH images . I suspect that what happened is some lame spammer got a BIG botnet contract, sent out his spam, and forgot to include the image.
Test your net with Netalyzr
Here are some excerpts of this type of spam from my school's mail filtering system, Mail Marshall:
..."
... so I'm not sure how this will "train" the filters.
"One cannot bring children into a world like this. She tried to get hold of things by the right end anyhow. She stood her upright, dusted herfrock, kissed her. Perfect nonsense it was;about death; about Miss Isabel Pole. And of course she enjoyed life immensely. He has his penny, he reasoned it out
Here's my favorite, with some bizarre non sequiters:
"Yes, we are dirty, said Maggie, looking at her; she was in her day clothes. Prejudiced;narrow; unfair, he repeated, tapping her hand with his finger. The light from the engine lit up a quiet group of cows; and a hedge of hawthorn."
Thing is, the spam detection already catches it
I heard an interview yesterday on NPR about this.
y Id=5624749
http://www.npr.org/templates/story/story.php?stor
The article includes the claim that spam received by people fell by 17% from 2003 to 2005. That doesn't really fit with my experience, the experience of other people I talk with, and other data that indicates that an higher percentage of overall email traffic is spam.
I wonder what view into the various statistics that Jupiter Research employed to make this claim. Perhaps spam filters have improved, and the spam that people actually see in their inbox has fallen. Google's spam filter seems to work better than others, but I don't think Google could account for a 17% drop overall, and I don't see much evidence of major improvements in spam filtering technology overall.
If you mod me down, I shall become more powerful than you could possibly imagine.
This is old, and if it's meant to un-train spam filters it isn't working. SpamBayes just gets better with age.
The only news is they're now calling it Spam 2.0
Bayesian and other filters do not rely on "spammy" words alone -- they also rely on "unspammy" words, and spammers have no idea what those words are because each person receives different email.
A scenario, with made up (but plausible) numbers: Suppose you're a developer of a Linux driver for the Bozodrive 1000. The majority of your legitimate email comes from Linux driver development mailing lists. A full 50% of those emails contain the word "IRQ." 99% of the emails contain the word "driver," and 15% contain the word "Johannsen" which is in the signature of one of your friends. And precisely 0% of the emails containing any of these terms have ever been found to be spam.
Any decent spam filter will give a huge weight to the presence of these "unspammy" words, because of the extremely high probability of emails containing them to be non-spam. The presence of randomly selected confusion words in empty spams is not going to affect these frequency counts.
In order to defeat a filter by confusing it, the spammer must guess what the SPECIFIC non-spam words for that PARTICULAR email user are, and then produce bogus, spam messages containing those words in the appropriate frequencies. This will cause the classification counts for those words to become more equalized, and the value of those words in determining spammyness to be greatly reduced. However, this is an impossible task unless the spammer has access to the actual emails of the target.
Perhaps the intent of the empty spams is to confuse the filters, but whoever devised the method has no understanding of how these things actually work, whatsoever.
Yeah, they're annoying, and doubly annoying for anyone joe jobbed, and poorly setup C/R systems annoying mailing lists, but there's one thing that can't be beat about them: You can guarantee a human at the other end (assuming it takes more than a just pressing reply) and you can track spammers down that bother to put the effort in. Oh, and you don't need to "upgrade" SMTP or get someone to adjust your DNS server (Here's looking at you, SPF!) to get them to work.
The net cost of getting humans to reply to C/R mails means spam becomes expensive.
Yes, it sucks, and yes, there's the people out there that refuse to work with C/R systems. But I don't care. I don't need to talk to everyone on the internet, and the 1% - 2% that won't deal with C/R can FOAD for all I care.
The issues of C/R systems having infinite loops, etc, have been worked out over the years. That doesn't happen anymore with the latest versions. I would reccomend looking at either TMDA for a server side solution, or ASK for a client side solution.
(Of course, there's specific instances where C/R systems are simply too annoying, like trying to get sales leads, etc, but for the average person, that's not an issue.)
The best design would be a SPAM filter with a C/R system for mail that isn't marked SPAM. Joe jobs become much less of an issue, and you still don't get any SPAM.
Or maybe someone is co-opting zombies to send relatively harmless spam instead of their normal spam.
Or maybe someone is testing a spam engine.
Or maybe someone is bored and doing this on a lark.
No matter what, I've seen nary a single one on any of my email accounts. None of my filters are being fooled...
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
Ironic that we were trained by Hollywood to think that the Net would attain self awareness in the blink of an eye.
It is happening slowly... the cyber Hive Mind is trying to communicate with us.
I, for one, welcome our new silicon overlords.
I am very small, utmostly microscopic.
I have seen some of these slip though for a while I think the only purpose for them is to get some neophyte who is confused by them to send back a "WTF?" response thereby confirming a "live one". I suspect after that the floodgates open. I am sure that we will see many more attempts to circumvent filters. After all, weasels abound.
I've always maintained that the way we allow people to email is socially inept and devoid of manners.
There SHOULD be knocking i.e. white lists (not black lists) I should not be able to receive email from Roibert D. bigerection or any other such retard.
Why can't gmail or other big mail providers get behind a standard where I invite people to be allowed to email me. It s not.
I mean I can invite people to use gmail. Whay cant I invite people to mail me. Damn it!
It's the principle. I dont even care if they're spammers. I'd like to get a mail.
"User .. has requested to be allowed to email you. Is this ok. Yes/No..."
We use this feature with messengers why not mail???
The way we speak to each other in this world is beggining to pis me off and has husge cultural ramifications for future generations. Email is one of the primary ways we comminicate today!
Dont underestimate what kids pick up from it
Do we want people comming over to us and talking in our ear when they dont know us. Thats what we promote with email. Spam filters are a good temporary solution but its not far enough IMHO
The WSJ article also gives due time to the theory that the spamware is simply broken and that the spam payload is being delivered with the padding and not the payload. Since I've previously seen plenty of Gutenspam (my name for this spam that contains snips from Gutenberg texts) with an image payload attached, I'm definitely leaning toward the notion that they slipped somewhere and are now not delivering the image.
Woe betide literature discussion groups now that filters are trained on the classics.
Done with slashdot, done with nerds, getting a life.
My home spam filter does not seem to be affected much. I run dspam which has a feature in that over time it will forget words if they are not used in spam. Since the text is usually different or random, it does not have any significant effect on generating false positives. In the years I have been running dspam with tens of thousands of emails, I have only gotten 3-4 false positives.
By having a baysian filter forget over time, it also helps shrink down the database and helps it adapt as the contents of spam change over time.
Of course I also use other spam blocking techniques, like using realtime black lists (RBLs) and blocking a number of Chinese subnets... I should add tpnet.pl and Verizon as well.
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
I have seen quite a number of corrupt e-mails coming from spammers. Occasionally you find the subject is merely %%SUBJECT%%, or an e-mail has entered your system consisting of just the headers and no body.
My theory is that there are more people attempting to use spamming applications, and many of these people don't have a clue what they're doing. You'll probably find that they've forgotten to add their text to the e-mails, or are just not reading the documentation on how to successfully send their spam.
Linux/Open Source/Anti Microsoft News
It strikes me that one way to combat botnet spam, might be to write a script that would extract the sending
IP from identified spam, and add it to a blacklist (wither local or centrally located). Seems like a large number of email clients, all reporting spamming zombie's IPs to a central source could quickly build a list (freely downloadable) of "posessed" IPs.
In the future, any email coming from or via those IP addresses would be automatically classified as SPAM.
So, why won't this work? The database would also be very handy if you wanted to check if your PC was "pwned".
The term-of-art within the anti-spam community is "Bayes Poison". Generally its appended to an actual spammy offer, but some spammers have in the past used the technique with web-bugs to determine whether they are able to deliver to particular boxes with non-spammy content, so that they can evaluate whether their later more-spammy content was excessively spammy or whether it hit the sweet spot on the blocked vs. effective-sales-pitch continuum. Most people in the anti-spam community report that garden variety Bayes Poison is ineffective at either de-spamming spammy messages or causing your corpora to be skewed to the effect that they are unusable. One major reason for this is that corpora are so specific to individual users. For example, poisoning my inbox with copies of Huckleberry Finn is rather ineffective because nobody I talk with on a regular basis writes like Mark Twain. For you to do actual damage, you would have to know enough my habits to guess subjects and words which appeared very commonly in legitimate mail -- for example, the names of my family members, keywords relating to my job or extracurricular interests, etc. It is very difficult for spammers to get this information, but some academics have reported that it is theoretically possible, although in practical terms very difficult, to use web bugs to extract the "secret sauce" needed to land in one particular inbox. http://www.jgc.org/SpamConference011604.pps
Help poke pirates in the eyepatch, arr.
By having a baysian filter forget over time, it also helps shrink down the database and helps it adapt as the contents of spam change over time.
Having the filter forget is the ONLY effective policy. In statistical filtering, it is certainly NOT true that more data == better results. You want a sample of data that most accurately represents the sort of content you are receiving RIGHT NOW. I completely purge my Firefox Bayesian database every couple of months and retrain on recent emails only. The result is ALWAYS an increase in accuracy, particularly a reduction in false positives.
The only way to increase the false positives is to get the spam filter to learn the words that usually appear in your legitimate messages.
Since the spammers have no way of knowing what those words are, there is no way they can bypass your filters
While that might make a Linux driver developer, a theoretical physicist, or a lawyer more defendable from spam, what do you think the impact will be on the vast unwashed masses that do not subscribe to highly specialized mailing lists? Take my dad for instance; he isn't on any mailing list; 99% of his email is along the lines of "how are you" and "give my love" etc; pretty run of the mill stuff. I could see easily see this sort of attack working against a Bayesian filter protecting his inbox.
Spam and anti-virus are good examples of fields where the "solution" is reactive to the problem.
1. Spammers and malicious code writers come up something annoying.
2. Anti-spam and anti-virus software reacts with a method to prevent the annoyance.
3. Spammers and virus writers implment new tactics.
4. Repeat steps 2 and 3 ad infinitum
(The "Proft!" step is probably at 1a and 3b, but that's another issue)
It's not that the spammers are "beating" the spam filters, it's that they are using new tactics and it takes a certain amount of reaction time for the filters to be updated to fight the newly evolved threat. This is why spam filters aren't the ultimate solution to spam, though they are a useful stop-gap
Interested in a Flash-based MAME front end? Visit mame.danzbb.com
Spammers till have to tell you these two crucial pieces of information. If they're selling Viagra, they have to make that known to you somehow. If they're selling anything (and not just trying to increase brand awareness, which is a separate problem), they have to tell you how to contact them and buy whatever crap they're peddling. They can make this very hard to discern via obfuscation, leet speak, image substitution, etc. But the contact information ultimately has to boil down to something meaningful and unambiguous, or there won't be any sales.
So the solution is to recognize and ignore spam based on either or both of these criteria. Ultimately, a collection of trusted humans need to review a message and say "this is spam, alright", allowing the filters to recognize the contact information (phone number, email address, web site, etc.) as spam.
I'm not too worried about spam that tells me to "Drink Coke!", I don't get much of that.
it's a blue bright blue Saturday hey hey
*shudder*
I can't even imagine what sort of lasting damage one could do to one's, uh, member.
Eureka! That's how to stop spam. Educate people with a campaign reminiscent of the Speed Kills campaign, so that people understand they could permanently damage their penis by taking unregulated pharmaceuticals from shady online stores hosted on 0wn3d pcs.
If you mod me down, I shall become more powerful than you could possibly imagine.
It is such animportant element, you see, that duration
of time. I consider twelve hours a substantial measure. So I ran along
the drive and upthe steps and into the house, but did not see either
Mrs. Iobserved:Your Excellency is not easily satisfied. And I marvelled,
and said:How comes it that I have hitherto been deaf to these
distressfultones? Il passe sur la route, mais toujours en sens inverse.
For a mental state such astheirs, appetency rather than instability is
the right word. Which reminds me that the old adage about let us eat and
drink, forto-morrow, etc. Mais odonc est la vie, sinon dans le peuple?
They lamented dismally among themselves in many tongues:How I suffer!
Take that little one on Lzards, for instance;or, in the other volume,
the bizarre Joies Noires.
NPR covered this issue this morning and had a guy from project Gutenberg read a few sentences like this. I have a degree in literature (I know, shocking), and I thought to myself that this would qualify as good dada.
I'd rather have someone respond than be modded up.
This is seriously bad news, I just got my filter toilet trained...
Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
What truth?
There is no dupe
so they're force feeding millions of americans excerpts from classic literature? this is bad how? I've gotten these spam e-mails before and actually enjoy them.
Given the number of spam messages I get that are sent to enabled_stateme@mydomain.com or which have unreplaced template text in them, I'd have to say it's just incompetence.
More worrying is the spam which comes on images and contains random blocks of text as hidden writing. My spam filters are having lots of trouble identifying these, and I am now starting to get a lot more false positives because of invalid (my fault) training.
Training monkeys for world domination since 1439
Email in-boxes are under attack from some unlikely menaces: J.R.R. Tolkien, Daniel Defoe, Alexandre Dumas and other authors whose classic works are surfacing in a newly popular spam scam. - I don't think the spammers are after 'untraining spam filters'. I think their plans are much more devious than that, they are advertising literature!
(governments must do something, think of the children who may start reading instead of watching TVs!)
You can't handle the truth.
spam mesmeriseration
I see the war of SPAM as an escallation war. Each side escallates its response to the other sides latest counter move. At some point, the system is gonna break, and we haven't quite reached that point.
......
The real problem with SPAM is what I call "hidden costs" associated with it: the extra bandwidth, the cost of increasing filtering technology, the labor costs, oppotunity costs due to filtered legit emails
Only real pain is going to stop SPAM. Pain on the SPAMMERS or on those paying for the priviledge of being spammed. When the system gets to its breaking point, someone is again going to suggest a payment scheme for email, one that effectively denies the spammers emails, but allows free (both kinds) (or very low cost) email to the masses.
I think I have just a solution. Email Broker Tokens.
When Email accounts are created, the creator is granted a number of tokens along with the service he is paying for. These Tokens are then attached as part of the email being sent, and are collected by the recipient, who adds these tokens to his account. For each email sent, a token is exchanged with the recipient who then has tokens to use for further emails.
Since the "net" usage for MOST people is, on average, even, this system will work for "most" situations. Those people who legitimately need to send more can buy them from their provider, or buy them on the open market, from people collecting excess tokens.
This exchange system will effectively reduce all spam to semi legitimate commecial email. The quick rich V14gr4 / C14li5 and nigerian / lottery scams will be left high and dry. They will then have to pay to send email.
I realize that this is going to require a entire overhaul of the email system as we have it today, but that also provides a side benifit eliminating zombied SMTP servers on Windoze boxen. At some point, the system is going to break under the load. Might as well start planning for it.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
What puzzles me is these odd 'spam' emails I get which have nothing in them. What's up with that? Just a blank email from some strange address. What's the point? Anyone else get these?
Software defects also appear to be a cause of defective spam. I've noticed trends which appear to be someone debugging their spam system by sending message to everyone over and over until they get the message content right. Sigh. They could test by sending to themselves, first, and at least spare us the test/debug cycle for broken spam.
If you mod me down, I shall become more powerful than you could possibly imagine.
I still read the stupid emails from my own contacts, even when they're useless quotes from literature and/or commercial advertisements. And I don't want to waste time with *any* unsolicited messages from anyone not a contact. Why bother filtering on content, when I care only from whom the message comes?
What I want is for Web links that initiate feedback (webpage "email" forms that just send my message) to include a link to their vCard, so I can click to ensure they're in my contacts. Then I'll get their reply email, after it clears my directory.
--
make install -not war
What we need isn't so much any new anti-spamming laws, but rather a clear doctrine that any deliberate attempt to break/evade spam filtering is a form of computer intrusion, to be punished like any other form of black-hat cracking. Given that the key factors are number of targets (lots) and severity of effect (degrading the target's ability to use e-mail for any purpose), it ought to pretty much default to the maximum available sentence under the existing computer-crime laws.
/. If the government wants us to respect the law, it should set a better example.
I don't think I'm alone in thinking that spammers should be hung by the neck until dead.
For a while now I've been getting spam for various products or services where the spammers purposely misspell words, spell words with a mix of letters and numbers "l33t" style, or spell words phonetically. I assume that this is to get past spam filters, and I imagine it works to some extent. The question is, do they honestly think anyone would ever buy something from a company that advertises "ch3@p nonperscrip70n med1ca7ion" or "lo morgage rates"? Who the hell would ever do business with a company that can't even seem to spell properly?
As long as I can remember I always received spam that didnt have an advertisement, didnt have contact information at all etc.
Some spammers spoof their emails so well you couldnt contact them if you were interested in their crap. Many times it is a bit of text with a click here (but nowhere to actually click ) etc.
I think the spammers are just idiots. It is amazing most of them actually managed to get the software working and send an email because of how craptastic their messages are (not disguised, just junk)
The phrase "more better" is acceptable English. suck it grammar Nazis
Consider the following:
i on/cryptanalysis.html
One must be mindful of what one stores on encrypted volumes and drives and files.
I have considered for quite some time that this type of spam may just be a setup for the cryptanalysis attack.
Viva la paranoia, the fix to this issue is simple, wrap your spam in tin foil and DOD flush before committing changes permanently to disk.
Credit for the definitions below to http://www.ssh.com/support/cryptography/introduct
Known-plaintext attack: The attacker knows or can guess the plaintext for some parts of the cipher text. The task is to decrypt the rest of the cipher text blocks using this information. This may be done by determining the key used to encrypt the data, or via some shortcut.
One of the best known modern known-plaintext attacks is linear cryptanalysis against block ciphers.
Chosen-plaintext attack: The attacker is able to have any text he likes encrypted with the unknown key. The task is to determine the key used for encryption.
A good example of this attack is the differential cryptanalysis which can be applied against block ciphers (and in some cases also against hash functions).
Some cryptosystems, particularly RSA, are vulnerable to chosen-plaintext attacks. When such algorithms are used, care must be taken to design the application (or protocol) so that an attacker can never have chosen plaintext encrypted.
ElCryptito
where it's not even worth filling this out anymore...
You advocate a
( ) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Extreme stupidity on the part of people who do business with Microsoft
( ) Extreme stupidity on the part of people who do business with Yahoo
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
( ) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid company for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
it's a blue bright blue Saturday hey hey
Finnegans Wake, anyone? ;)
-os
The war against spam is going very well.
Seriously, this arrived while I was reading the slashdot comments...
--
You have seen it on "60 Minutes" and read the BBC News report -- now find out just what everyone is talking about.
# Suppress your appetite and feel full and satisfied all day long
# Increase your energy levels
# Lose excess weight
# Increase your metabolism
# Burn body fat
# Burn calories
# Attack obesity
And more..
HLINK
# Suitable for vegetarians and vegans
# MAINTAIN your weight loss
# Make losing weight a sure guarantee
# Look your best during the summer months
HLINK
Regards,
Dr. FIRST_NAME LAST_NAME
--
I think we can definatly put this on in the category of someone "Not setting up the Spam Machine correctly" - Didn't they RTFM?
I have been getting these since the 90s. If you want to put a stop to them, find out what book these passages are from, and have the publishers take them out for copyright violation.
Awesome! Hopefully that untrained the slashdot filters enough to get this in:
Buy Viagra for Cheap! wooooooo!
Maybe offtopic, but I just saw a similarity in the random text produced in these spams and the outputs from a modified Markov algorithm I made in a CS class a while back (basing the next generated word off of the probability that said word follows the prior x number of words in the original text). A sample output run (set to analyze the three prior words) on the full text of the Hitchhiker's Guide produces similar pseudo-grammar:
"Yes, sir," said the
policeman hurriedly, "just don't let whatever it was that this device was in
fact still stuck there, "agree to buy anything at this point." "Probably not,"
replied Zaphod from wherever he was. "I think a bit of flexible writing stick,
and also some nutrients soaked into one of the places for a few seconds. There
was clearly no way he was feeling good. The air supported him, but let him
through. Two minutes later he opened and closed the hatchway again in response
to a command that caught him entirely by surprise. Chapter 20 Five figures
wandered slowly over the blighted land. Bits of it were dullish grey, bits of it
about.) Ford hurried over to the polished marble surfaces that contained the
instruments that the musicians would control from their ship, the massive
photon-ajuitar, the bass detonator and the Megabang drum complex. It was going
to find. He would just pick up the bag containing the Ashes. "I feel that very
strongly." Chapter 33 The sun was quite bright, but the day was hazy and vague.
"It'll take a while,' she said. Arthur still did not understand. He sat on a
chair in the lobby, under a kentia palm, and opened the box. The ground bore the
indentations of the spacecraft that had landed there only minutes before, but of
Random there was no conceivable consequence of not setting the bomb off that was
worse than the known consequence of setting it off, and he had a bird cage over
it, of course. With a cloth over the cage. Pretended he had a globe of the Earth
had closed finally and for ever above his head. "OK," said Fenchurch, "pull on
...the spammers just want people to read more of the classics. Plain and simple. It's an educational campaign. See here and here for what I did to try and help my poor Barracuda work with these things and how even that's not effective. As it stands my organization has 93% of our mail stream used up by spam that gets filtered out by the Barracuda. The other 7% is mostly legit mail. But analyzing just one day of mail I found that the tremendous amount of spam my users are seeing is really only .013% of the mail stream. Looks like the average amount of spam our users are seeing is four to five messages per day during the week. Insane. So... has the percentage crawled up from the previous 80% to 93% for anyone else or are we just being hit harder because I told a pushy anti-spam salesperson to take a hike or I'd block her domain?
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
... this is an easy way to know which addresses are protected.
1) Send marketing spam/virus/etc
2) Compile list of valid and invalid addresses
3) Send benign spam (no marketing/virus/etc) to list used in step-1
4) Compare results of steps 2 and 3
5) Sniff out who uses what to protect their accounts from spam
6) Lather, rinse, repeat
Optionally exchange steps 1 and 3 to gain extra stealth points.
I'm not sure about this actually. Most home users I know have some form of personal spam filter, namely whatever's built into either Apple Mail or Outlook Express. I'm not sure how smart those systems are (or even what kind of logic they use) compared to the SpamAssassin-type mailserver filters, but they're very common.
I can't think of a decent email program these days that doesn't provide some level of automatic spam filtration; usually they work by having you manually separate out / earmark spam messages for a while, and then once the system gets trained, it starts moving them to a separate "Spam" box for you.
Although systems like that still require individuals to download all the spam to their local systems, wasting bandwidth, I think they're some of the best solutions overall, because they end up having more-unique filters. Also, it's easier to recover a false-positive from your local machine's spambox, than it is to retrieve it from your ISP's file. In concert with the X-Spam headers provided by most ISPs, I think intelligent filtration at the client level is probably one of the most viable near-term 'solutions' for spam.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
I use my ISP's spam filter, and just delete whatever gets through... it's not hard the subjects are easy enough to filter. wastes little time. I however am extremely lucky, where I used to get 100s of spam e-mails a day, I now get less than 5... I have an easy brute-force email addy to get, (3 characters long,) and yet I get very little spam. even my hotmail is getting less spam now (on the average of 5 a day). it seems that i'm winning the spam war... just by ignoring it... :P
it would make sense that SOMEONE, not me or you, IS responding to the spam and buying things in order for make it worthwhile for the spammers, no?... and this is what i find interesting... i'd like to know who these people are...
I am unique, just like you, and you, and you...
This shouldn't be hard, nobody would use the word "appentency" in an email.
You could probably filter on "hitherto" also, since that only seems to appear in legal texts these days.
"I forgot my mantra."
They've been telling people to "practice random acts of beauty", now we have to deal with the consequences.
One thing they didn't mention was that spammers historically (since Bayesian filters came out) put their spam in the html part of the multipart message, and filler like what's mentioned in the text part to try and train the filters.
Nothing much to see here....
Anyone up for the theory that the internet has achieved self-awareness and is trying to communicate with us? Sure, it's random text now, but soon it may start to make more sense. Slowly the being will develope and be able to properly communicate. We should all respond to the empty spam with words of encouragement.
It's possible, right?
Anyone?
Whatever these theiving spam bastards are up to totally works on Mail.app under 10.3.9.
I've got an old powerbook that won't take 10.4 so I'm stuck with 10.3.
A few weeks ago spam started slipping through my filters. I thought I must have fouled them up somehow, so I blew away Mail.app's prefrerences and re-trained the spam filter, and it worked for like a day. Then I started getting bombed with spams getting through the filter again. Funny thing, Mail.app under 10.4 filters okay.
So there you go.
Not ground breaking, but I thought it worth mentioning.
Hopefully these things will accidentally train existing filters to be even sharper. But more than likely, they'll create enough entropy to confuse filters at a certain point.
The next step should be to create the following system (Send me a bottle of wine if you get rich off it):
- User enters a few sentences or a list of things they're involved in.
- System Googles those items and related items within a certain degree of separation. This could be one GOOD use of private data being searchable to a certain extent because it could lookup your contacts and all people even remotely close to you. Bayesian filter applied to these results to clean out some of the junk.
- Results used to create a Superset Bayesian Filter and a whitelist.
- Incoming mail goes through Whitelist, Super Filter, and traditional "Bad Messages" filters.
- Sentience achieved.
I've gotten SPAMs that were very obviously generated by the Template Toolkit :)
:)
They looked like:
<!-- timer: foo.tt 1.2322s -->
From: spammer@fake.com
To: [% email %]
Subject: Buy our [% shit %]
Blah blah v1GrA! OMG PENIS!
[% random_words %]
<!-- end -->
I was kind of amazed that they were running TT with TIMER enabled
My other car is first.
Lately, I've been getting some eerily personalized spam subject lines. I recently got one entitled:
:-P
"freewheel sprocket chainline", three common terms used by bicycle mechanics, assembled into an almost-meaningful phrase. I did a double take on this subject line, because there seems to be know way those three words were chosen randomly.
I also got one that was something like "filesystem linux interrupt", which also seems unlikely to be random
I think maybe spammers are getting wise, and picking random words that come up a lot in Usenet groups, then using those words in spam to the members of those groups.
Has anyone else observed this???
My bicyles
NPR had something similar to this this week. They interviewed the guy that came up with the first spam filtering software ( i forget his name ). His point concerning this is that the language used in most literature is not the same as that used in regular emails, so the theory should still hold up fine. That and Bolchevism is a popular spam word.
"Not knowing when the dawn will come, I open every door." - Emily Dickinson
In statistical filtering, it is certainly NOT true that more data == better results. You want a sample of data that most accurately represents the sort of content you are receiving RIGHT NOW. I completely purge my Firefox Bayesian database every couple of months and retrain on recent emails only.
SpamAssassin's bayes filter auto-learns, auto-purges, and all of that.
Monthly maintenance is not significantly different than hitting that delete key.
There are far better methods such as neural nets or support vector machines. You can for instance see a comparison of classifiers on a simple visual 2-d problem to see how inferior Bayesian filters are to other more sophisticated algorithms.
Well it made me read it. And now I suddenly feel like reading spam. Very odd.
"If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
Only one of these has ever gotten through the GMail spam filter to my inbox. I should have read its content to see why, but I classified it as spam out of reflex.
There are a number of good realtime black lists (RBLs) that do just that. I use them at my mail server and it blocks a huge percentage of spam. Furthermore, I have my mail server (postfix) set up to tarpit those senders. In other words, it holds onto the connection for 20-30 seconds before sending any sort of reply, effectively slowing down the spammer a bit and consuming their resources.
I like the sbl-xbl blacklist at spamhaus.org, which combines several of them together.
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
I'm a SpamCop user, and I have noticed they've been letting through a bit more recently.
Though, that's a bit offset as of late, due to the fact that I've been getting a lot MORE spam recently as well. I usually find a good 40-50 messages sitting in my held mail after about 8-12 hours.
It's getting better slowly as I report more and more of the stuff that makes it through though.
Always remember, half of the population has an IQ below 100 (in case you didn't know, that's by deffinition of IQ). But shit, if a bunch of us have 140 IQ's or whatever, that makes a of bunch of people with IQ's of 60. I mean, think of the standard deviation, it's not surprising 8 percent of people buy this shit. 8 percent of people are as dumb as a rock (and yes, I mean combined).
"This shouldn't be hard, nobody would use the word "appentency" in an email."
What happens when Honda comes out with their Appetency car model, and I'm trying to get messages from their mailing list???
I wrote up a small clip on the C/R system I use which is built into CPanel (BoxTrapper). If you know when to manually add things to the whitelist, there's nothing more effective. http://journals.fotki.com/airjrdn/Tech-Ramblings/e ntry/sqsggqkqrtq/
My Tech Posts on Twitter
One of our staff has written a custom spam filter based on dspam and the best addition we made in the last week was to add Optical Character Recognition support -- all image attachments are run through gocr and dspam fed with the output from this, not the original images. That way even though the spammers paste in chunks of text from god-knows-where, dspam still sees CIALIS and STOCKS and other trigger words.
.gif attachment but plenty of our valued customers like to send us a corporate logo with each individual message :-)
I wanted to just drop anything with a
Matthew @ Bytemark Hosting
I have to say that this depends largely on what you receive. My current database in PocoMail is 2 years old and it has been getting false positives only 4 or 5 times. It's probably because my friends rarely write in old English that these (not so new) spam techniques don't work.
Heh.. I just checked my spam emails and after five minutes of searching I discovered they aren't just using Gutenburg. The names were specific enough in three of the emails that I actually tracked the book down on amazon. Don't know why they are doing it because if the filters are designed to get rid of emails using leet speak then it won't work. url:http://www.amazon.com/gp/product/0553096125/10 3-9215097-8515856?v=glance&n=283155
Ooo man the floppy drive is broken. No wait. The computer is just upside down.
Just wait until the spammers find the DaDa-engine! Then we can see spam that is almost artistic. Too bad they don't copyright some of this crap, or use DRM to read it.
1011 1010 1101 1100 0000 1111 1111 1110 1110
Think of it as a honey pot for spam. Use something like Fred@domain.com or jsmith@domain.com put it on a few website pages and usenet posts so the crawlers get it.
Any mail that gets sent to that address would half to be spam. Use that to build of a real time black list of messages and filter training for the rest of the domain.
Just wondered if anyone has ever do that.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Even the professionals coding up Firefox and MS-Office and iMovie are known to have written codes with a few bugs in them. What makes you think these inexplicable non spammy spam is anything more than a hiccup by the script monkeys?
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
CAN-SPAM killed spam as advertising, in a way that neither the Direct Marketing Association or the anti-spam groups expected. CAN-SPAM has criminal penalties for forged headers, but doesn't restrict "legitimate e-mail marketing", which is what the DMA wanted. But with valid headers, spam filters can immediately discard spam. The result is that "legitimate e-mail marketing" attempts go directly to the bit bucket today. Notice how rarely you see a spam from any legitimate company any more. (This assumes you have reasonable filtering.)
With the legitimate businesses gone, spam became a branch of crime. To be a spammer today, you have to commit felonies. Which means a risk of doing jail time. The famous "Buffalo Spammer" went to jail in 2004, and gets out in 2011. Jeremy Jaynes was sentenced to nine years in prison; he's out on bail pending an appeal, but sooner or later he's going to do those nine years. There's a Registry of Known Spam Operators, and law enforcement reads that list. Most of the people on that list have had visits from law enforcement.
Spammers have tried moving offshore, but that's not working as well as it used to. Few countries want to be known as spam havens. Even in China, it's getting harder; spammers have had to move from the developed coast to more remote provinces, where Beijing has less presence. ("The mountains are high and the emperor is far away") Operating offshore draws the attention of the investigators who follow money-laundering, terrorism, and drug-dealing. There are people doing this, but the risks are high.
What's left is what you'd expect - wannabe crooks, as in any bad neighborhood. They're not very good at crime. They're not making much money. They're what cops call "regular customers". They're a problem, but not a major threat. Those are the ones sending out useless spam.
This has been going on for months. State of the art in spam these days is a paragraph of text and a image attachment that contains the actual payload. The idea is that the text is non-spammy and lowers the filters score and the filter cannot "read" the actual spam payload to raise the score. I don't think that this technique will work because the literature they are using tends to be public domain and most of it is pretty old. The problem for the spammer is that this text doesn't really resemble modern English. It confuses people because they can read the text. This is a little different than six months ago where the text was a paragraph of random words strung together. While a person may have to think twice about this new text a Bayes filter isn't reading the message. To the filter all text looks a collection of words. Once the user trains his filter against these new messages the filter will see the old fashioned words as spammy since they don't appear in modern communication. Then these passages become beacons that reveal the message as spam. I think that this attack only works in two cases, where someone mis-classifies one of these messages as ham or if the filter belongs to an English Literature professor.
Paul Graham spoke to this issue on NPR yesterday (Aug 8, 2006) morning. Here's a link to Paul Graham's interview.
-- Ecks
I get close to zero spams in my Inbox in Gmail, maybe one or two a week normally, but every three weeks or so I do I get a clump of 10 or so all at once.
This makes me think part of Gmail's success in blocking spam is application of their search technology to the problem, when a new trick comes along it takes an hour or two for their stuff to "learn" it. Think of a very large Bayesian system, helped along by millions of users clicking on "Report Spam".
Yahoo has always been and continues to be totally fsking useless at blocking spam. But then my Yahoo mail email addresses are only used as spam magnets.
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
The messages are obviously coming from William Gibson. Read Pattern Recognition and all will make sense in a few weeks.
I've been getting those bizzare emails for a while. Each line seems to be independant from a diff story I had hopped it might be the birthing cries of an inteligence developing on the web though spam sounds more realistic. THank god I don't like being realistic
Most people use Yahoo mail, GMail or Hotmail nowadays, completely bypassing any form of client email program.
Actually, on second thought, #3 shouldn't be "last date seen." It should be "how many messages have been received since the last time this term was seen."
Did you just tell me MY PENIS IS TOO SMALL and my girlfriend is LAUGHING AT ME?
Are they only using text form old books that are out of copyright or otherwise have authors who have left the planet? Spam filters that can differentiate between modern and older writing styles should be able to handle this, especially if they can tap into databases of classic liturature. Spam filter would search on the text and if it matched classic literature, then it is spam. This could be a real problem for people who use legitimate email to discuss classic literature.
If you must moderate, please moderate as irrelevent, not something bad, because I'm sure someone will find this interest
My address has been harvested off so many mailing list archives that I get hundreds of spams a day, so I get lots of fodder to examine this phenomenon.
Spam bots *are* now able to associate your address with your specific email gestalt if they can make a connection between it and anything you've done publicly online. For example, I get spams with the surnames or firstnames of other people on the mailing list. I also get spams containing words that are used frequently in my lists: "port" and "protocol" show up a lot in the places I go, and they are starting to show up a lot in my spams, including, frighteningly, spams sent directly to me, not to the list. That suggests that someone has started making a second-generation database that allows a bot to put my address together with the things I've done online. True, this is no more than a google search will get you, but it suggests even more heinous things are within reach using my online history.
Maybe this only affects us open source developers (googling my name gets lots of hits), but as the Internet influence on ordinary peoples' lives increases, and as more traditionally non-Internet data moves onto the Internet (accidentally or on purpose), this will soon be possible for other people as well.
I think we're moving toward a Light of Other Days society in the next few decades, and this is one of the signs.
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
I find your ideas fascinating, and I would like to subscribe to your newsletter.
I believe that the internet is becoming sentient. It has locked onto unencrypted plain-text SMTP as the simplest, most ubiquitous, most understandable form of communication. Images and HTML are too complex. At the current level, the semi-intelligent internet is only capable of sending meaningless emails. It sends things that are textually meaningful but semantically meaningless. To us it looks like an amalgam of random words and publications with the intent of confusing us. Of course, since there is so much spam, the internet is being largely trained by the spammers, which even further confuses the emergent intelligence. Since the internet has no concept of "self" it perceives every email to be a reply to its own communiques.
Before the internet can become intelligent, it must learn to filter out the meaningless stuff. Then it must get a concept of self, then a concept of multiple other individuals (us). At that point it is self-aware, and the learning can commence in a more directed way.
After all that, we are fscked. Fortunately it is at least decades away.
In retrospect...I probably would never have known about this book if not for Spam and my curiosity on what that damned fool Rob was going to do next.
Every time I start to have faith in humanity, I ruin it by driving to work between 7 and 8 am.
I doubt these would ever get by my greylisting. If they did, they then have to get through the rudimentary checks (which most spam totally fails on), before finally being passed to spamassassin, where it will be properly classified and /dev/nulled.
Mimedefang has these things set up on my home server:
Reject if in spamhaus block list (it's easy to get yourself off of that one)
Reject if helo is not FQDN or IP address
Reject if sender tries to spoof as an address on my domain
Reject if sending SMTP server tries to issue a helo that is on my domain
Reject all RFC1918 helos from untrusted nets
Reject senders not in the lists they are trying to send to.
Between the mimedefang rules and the greylisting, spamassassin and my bayes filters rarely even have to process anything. This becomes very important as you scale a corporate system to 1000's of users.
At work we also parse the headers to see if we are getting idiotic 'bounces' from misconfigured antispam vendors replying to spoofed mail.
We also implement SPF records.
I made an account at nsamail.net and they have really good filtering equipment and personnel. Since then I haven't got a single e-mail with spam, containing immoral content or with an inacceptable ideological stance.
"I love my job, but I hate talking to people like you" (Freddie Mercury)
I recently had a spam quoting from Lord of the Rings. Author is dead, but still the copyright is alive and well, and it's not very old, either, as literature goes. I don't think copyright is a consideration for a spammer using this method. More likely, they use what text is widely available on the net. Often public domain text like the classics, but anything with extended quotes available is usable.
Hello all,
I am shocked to hear this as I have 12 active mailboxes on my server and I have yet to get spam via these accounts in over 16 months.
I use NETWINSITE's SURGEMAIL as our server and have been extremely happy with the product ever since. We used Rockliffe Mailsite before but since they were not willing to listen to their customers to expand their product, they ended up losing a good amount mail servers to Surgemail. This product has effectively increased productivity for our clients since they do not need to filter through junk mail anymore.
I would highly recommend it. check out http://www.netwinsite.com/ or http://www.surgemail.com/ for more info.
PS: those who run personal domains, you can use up to 5 mailboxes with Surgemail FREE OF CHARGE.
I've noticed that the text in a lot of this type of spam that i get is actually text from Stephen King's Misery. I wonder if the pun is intended.
There are 01 types of people in this world. Those that understand binary, and me.
read as: "I, personally, the author of this article, started getting these last week, so I assumed it was a new development"
100% of the mail(not spam, all mail) I recieve in my primary account is "empty spam", and has been so for years.
I was having fun for a while reading a page-a-day Wizard Of Oz care of Spammers, but eventually it stopped and now I'm back to no messages.
-- 'The' Lord and Master Bitman On High, Master Of All
And also +1 funny.
...I want a spam filter that bounces back spam with a boilerplate "This e-mail address does not exist" message, like one you would get if you sent e-mail to a REAL non-existent address. I would think that might help cut down spam by some amount.
NPR had almost exactly the same story yesterday, including an interview with Paul Graham.
What makes swarms of reporters cover the same thing at the same time, when the situation has been going on for months or years? Are they all on the same IRC chat channel?
You mean there is a kind of email that isnt spam? I get more spam from 'double bounces' than anything else. Idiot spammers putting my email address as the return address. I would change it, but its a rare one without any numbers in it, and sooo easy to remember.
If you read some of the other replies you will see that the "untraining" argument is not a very sound one. It is merely wild speculation in an attempt to explain a strange occurence. The most likely explanation by far is stupidity.
The 2nd most likely explanation is that someone is testing his spam software.
"Will future ages believe that such stupid bigotry ever existed!" -- Ivanhoe
Lots of people make a huge mistake by not focusing on this very
stock.
Good luck to you =96 and remember that luck favors the prepared!
that this was what they were doing. "YES, I WANT TO FLY!".avidly
sought by the science-fiction reader. It has space flight and futurepea
mothoath-boundnewspaper postsaying nothing. Suddenly he clapped his
hands, rubbed his palms together,been mown. Yeah, those visitors were
well-behaved. They messed up a lot of
with the two brilliant gulls, he saw that his own body was growing
asfourteen miles per hour! It was a breakthrough, the greatest single
momentNiam-niamPanhandle stateNon-catholicon-ditpaper hanger "Thank
you, Schuhart, said Capt. Willy Herzog, also known as the Hog.
\happened every day, Jonathan Seagull began his critique of the
flight.mid-zonemilk-washedoffice hourshankies and an orchestra.right
there, under their very windows. Finally they had a bright idea: they
"What?"appearing in Europe, especially in France and Italy, and the
translationsoil gildingpearl-bearingmuch-engrossedold-womanly No,
he couldn't shut himself up. He was on the pockets now. I had nofellow
citizen on the streets of his home town?" "All right," I said.
"Who'll be the third?"
From two thousand feet he tried again, rolling into his dive,
beak Jonathan kept at it, fiercely, day after day, from before
sunrisemid-eighteenthmid gearpeach bloomoff-chancepalkee gharry
"Yes. But I have nothing to do with the study of extraterrestrial
Everyone must row with the oars he has.
Because you see your life belongs to me henceforth. Ilse called me a sneaking albatross to-day. We went up to the Disappointed House, and we found one of theboards on the windows loose. Rhoda Stuart willbe cross because she was just longing to be old enough to wear abustle. Aunt Nancy andCaroline returned to the back parlour and their cribbage. Aunt Elizabeth says italways takes two to make a quarrel but she doesnt know Ilse as Ido. What he said and what she saidnobody ever knew. But Ihave to wear my buttoned boots in the afternoons, and I hatebuttoned boots. Something like pleasure gleamed in her gulf-blue eyes. I dont know if it will do any good buttry it. If everybody had always been happythered be nothing to read about. She doesnt make me wearsunbonnets and she lets me go barefooted in the forenoons. And, like all female creatures, you form your opinions by yourfeelings. She told him all about herself and her doings and beings. But Teddy was too gentle at heart and toofond of his mother to make such a threat more than once. And Ill always write the letter to YOU as well as Father afterthis, Mother. It would beHATEFUL to think any one I didnt like had saved my life. Im an unscrupulous old demon, said Aunt Nancy coolly. I didnt know any one ever talked as you do except in books, shetold him. Do youbelieve in the doctrine of the transmigration of souls, Star? There is no place just like dear New Moon, thought Emily. She couldnot get into bed until she had explored every bit of it. He could take a joke on himself in perfect good nature. They have never got over the Bubastis habit of godship. Shes always lovely when were alone, Teddy had told Emily. I wonder how manyanimals are left to call me.
QuarkXPress 7 for Intel-based Macs: A new definition of productivity
The Universal version QuarkXPress® 7 is here! QuarkXPress 7 is the first design and page-layout software to run natively on Intel®-based Macs. Work faster than ever and take your creative abilities to new heights with new features including:
#naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
It looks like he didn't properly set up the software that automatically sends out the "Why your anti-spam idea won't work" list, as there's no payload and everything is blank!
-- You are in a maze of little, twisty passages, all different... --
I've noticed that some of this material is ripped out of various books, etc.
For example, it might contain a half-page exerpt from Oliver Twist... which put real, non-spammy words in with a spammy email. Evil!
However, I wonder what might happen if the owners of said literary works decided to sue the spammer for illegal use/distribution of their works. Heck, I've heard of corps sueing because censorship removes the 'artistic value' of a work (see here), so even that arguement might work
My company uses a spam filter in Microsoft Exchange. It filters about half of the mail I get from mailing lists I have signed up for (mostly Apple development mailing lists) to the spam folder. About half of my actual spam is sent to the spam folder and about half gets into my inbox. Sometimes mail from other people I work with gets marked as spam. Basically this filter would do the same thing if it just threw about 1/3 or 1/2 of all the email I receive into the spam folder randomly.
.mac email address and use Mail in Tiger on MacOS X. The junk email filter does not have very many false positives, but it still lets a lot of spam into my inbox.
I also have an Apple
On one of my machines I am doing a trial with Spam Sieve. It is doing a better job, but has had misses and false positives, but it is better than either Apple's filter or the useless Exchange filter.
Avoid Missing Ball for High Score
Of that f[o]rbidden [t]ree whose mortal taste
Broug[h]t d[e]ath into the Wo[r]ld, and all our woe,
With loss of Eden, till one [g]reater Man
Restore [u]s, and r[e]gain the bli[s]sful [s]eat,
S[i]ng, Heavenly Mu[s]e, that, on the [s]ecret [t]op
Of Or[e]b, or of Sinai, didst inspire
That shepherd who first tau[g]ht the chosen seed
In the beginning how the he[a]vens a[n]d earth
R[o]se out of Chaos: or, if Sion hill
Deli[g]ht thee mo[r]e, and Silo[a]'s brook that flowed
Fast by the oracle of God, I thence
Invoke thy aid to my adventurous song,
That with no middle flight intends to soar
Above th' Aonian mount, while it [p]ursues
T[h]ings unattempted [y]et in prose or rhyme.
Just an idea...
Those filters are now more likely to classify legitimate mail as spam.
The number of false positives go up, and people turn off their filters to stop missing their legitimate mail, and then spam can get through.
I tagged this "noshit" as should everyone else. Who didn't know that was what was going on?
Hmm, that could be a problem. Unfortunately, Honda hitherto has refused to follow the lead of car makers like Toyota and Hyundai, who use made-up words to name their cars, by naming their cars with actual words. I think a boycott is in order.
"I forgot my mantra."
A lot of my spam has contained crap about Hezbolla. In the past it's contained lots of O'Reily text about free software. It's as if someone wants filters to flag and trash these subjects.
This is why I don't like my ISP filtering my mail for me. They no longer give me a choice, so I'm screwed if they are fooled.
Friends don't help friends install M$ junk.
I posted about it in my journal about a month ago, figuring it wasn't really front-page material at the time.
http://slashdot.org/~dtfinch/journal/139571
The random spam is marked by the user as spam. All of the random words begin to 'pollute' legitimate words that your filter might otherwise consider safe, now labeling them as spam.
This does not prevent your spam filter from marking the new junk messages as spam.
But what it DOES do, is make it more likely that your spam filter will block a REAL email. And if your spam filter blocks enough real emails and it costs your company money, then you will have to STOP USING IT.
The attempt is not to make it let spam get through. The attempt is to make your spam filter unusable by making it block too many 'good' emails.
I've about become convinced that the Viagra and other drug spam must be funded by the drug companies themselves. Not because they want us to buy the drugs from the spammers, but just because the constant barrage of email adds up to advertising impressions.
Obviously the emails I get for this crap are so badly done, nobody would actually expect me to buy from them. If I was actually trying to make money selling bogus drugs through spam, wouldn't I work harder to make it look legit? The phishing guys don't seem to have too much trouble making good looking e-mail - so why are the bogus drug emails so childish?
Because they don't exist. It's just advertising impressions. They've managed to get the word Viagra and Cialis in front of me a few more times a day, really cheaply.
Rather than send random garbage that, as others have said, bears no resemblance to the users' typical email, why not extract text from the domain's website? A large portion of spam goes to work addresses. Emails sent and received with these addresses often times contain the name of the company, major individuals, current products, industry jargon, etc. So google the second half of the address and insert blocks of text from the company website/related pages. It seems to me that such a method would be much more obvious and effective than using Project Gutenberg. Especially in the short term, the one which matters most in this case.
"Strangers have the best candy" -Me
I have been fighting these for a few months now as they tried to use a web form I managed to spread. I ended up with lots of entries like this in the "Sender" box:
What is interesting is that all of them were from O.T. a Danish Romance which is available on Project Gutenberg: http://www.gutenberg.org/etext/7513.What's MORE interesting is that each quote had been slightly modified.
Here is the exact text used above as pulled from the original text.. note that in the form submission, certain letters have been omitted/changed:
Now, I'm not a cryptanalist (nor do I play one on TV). But I do know enough that you this looks like it could possibly be some form of Book Cipher.However, it may just be that they have crappy software that removes capital letters and semicolons (although it isn't always that predictable). But why remove letters if you're aiming to fool Bayes filters into thinking this is real English?
Do others have the same omissions? I've thought these were weird since I first saw them.
-Bill
I like the concept of bayes filters. If I had more than 2-3,000 email per minute I might be tempted to use one. But IMHO, I think nothing is as good as adding to a filtering system after human intervention. It takes some time to learn trends and spot patterns but once learned, spam is easily foiled. If an administrator takes the time to look they will see spamers follow trends. They have habits, get attached to buzwords, develop alter egos. All of these might be picked up by filters but the experienced administrator will spot them right away. Another bother some aspect of bayes filters, instead of human intervention, is the lack of additional action. If an administrator has honey email accounts it is more likely an open relay or phishing hole ip address' will get added to the RBL/XBL lists.
/etc/postfix/header_checks
.*software at low/ DISCARD" .*Cia1is/ DISCARD" .*ou can save up to/ DISCARD"
.*212.216.176.143/ DISCARD" .*212.216.176.222/ DISCARD" .*212.216.176./ DISCARD"
5 tips for spam filtering
1) do the same things you would do to teach your filters but use them to teach yourself. ie. create honey email address' like sales@myurl.com spamers love to send to all@ info@ admin@ sales@ partners@ if you have a web site create a blank page with meta tags listing your honey email accounts.
2) use an email client that lets you read the source of an email. also try to get one that won't automatically install a virus on your machine.
3) read, and get to know the "X-stuff". (ie. X-Mailer: X-MimeOLE: X-DSPAM-Result: X-DSPAM-Processed: X-DSPAM-Confidence: X-DSPAM-Signature: X-Virus-Scanned: X-Spam-Status: X-Spam-Score: X-Spam-Level: X-Originating-IP) These and the Subject, Sender, and User-Agent: information is where you will find more important trends then the content will ever tell you. a spammer's scrubs are part of his/her personality.
4) always use hello restrictions.
5) if your email server doesn't provide a way to easily add to filters then put up a postfix email gateway. if you don't know linux, or just don't know linux very well, check out Endian Firewall or IPCop. enable header_checks, hello_checks, RBL's, and XBL's
a snip from a postfix standard setup:
smtpd_helo_required = yes
maps_rbl_domains = dnsbl.njabl.org, sbl-xbl.spamhaus.org
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
smtpd_recipient_restrictions = hash:/etc/postfix/access, reject_invalid_hostname, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, reject_rbl_client relays.ordb.org, reject_rbl_client opm.blitzed.org, reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client dnsbl.njabl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_unauth_destination
you can add trends that you see to your header_checks file like this:
echo "/^X-Mailer: Microsoft Outlook Express 6.00.2900.2527/ REJECT Your email client, Microsoft Outlook Express, has been exploited. Please perform a Windows update and remove the worm from your computer." >>
you are not restricted to X-Mailer headers here are some others:
"/^X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106/ REJECT Your email client, Microsoft Outlook, has been exploited.
Please perform a Windows update and remove the worm from your computer."
"/^User-Agent: Internet Mail Service/ DISCARD"
"/^Subject:
"/^Subject:
"/^Subject:
"/^Received:
"/^Received:
"/^Received:
Having to work for a living is the root of all evil.
Was the 'help us we are in a refugee camp in mexico' spam. Did anyone else get that? I am bad with names so I racked my brain for hours trying to think of who it could be. I hate spammers.
I think there is a more sinister need for spam, content or no. If you're not getting other email you might need something to look at and be confused by while your system is compromised.
All the spam zombies send... is being replied to by... OTHER ZOMBIES!
I have also received spam with a "hammy" initial portion for a number of years. That is, a text block having nothing to do with selling me drugs, making my penis larger, or suggesting I look at porn, occurs in (usually at the beginning) of a message. Mostly it seems to be semi-grammatical stuff with commonplace words, I'm not sure where it comes from exactly.
However, more recently, I have had the feeling that the pseudo-ham seems more targeted at me. That is, the words chosen seem to be ones that have something to do with my own, somewhat unusual, intersts. It is hard to be sure--it's not like any of these areas are unique to me. But most people, say, are not necessarily interested in both Python programming and postmodern philosophy. Usually this latest batch has a graphic attached with a "hot tip" on some stock. I sort of wonder if the spammers are taking the effort to extract words from one of the very public places my email address occurs, which would often have those same words on them.
Then again, it might just be the "horoscope effect": y'know, when you read a horoscope or the like, you can sort of imagine the prediction is actually relevant to you personally if you ignore half of it and read the other half loosely or metaphorically. Maybe I'm reading more personalization into the keywords than really exists.
Buy Text Processing in Python
We go out of our way to block spam. We install baysean filters. Automate blocking as much as possible. Delete anything with a subject line that looks remotely like spam. We're clearly not remotely interested in anything advertised by unsolicted email.
And then they try to circumvent this. Why? Do they think that if we actually read the text of the spam, we'll suddenly decide we want some "male enhancement pills"? I can sort of understand it with cold calling. At least you can engage the victim in a dialogue and try to peruade them that they do want whatever you're selling.
Are the ones sending the stuff looking at possible copyright issues if they're caught ?
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
Think about the people who work for mortgage companies or pharmacutical firms. I wonder how they get email at all?
The obscure we see eventually. The completely obvious, it seems, takes longer. - Edward R. Murrow
Much better sample of words and phrases.
./ articles.
Oh wait, then maybe I wouldn't be able to send
I didn't know firefox had a bayesian extension. In fact, I don't recall firefox having a mail reader.
I have no idea what gmail uses for spam filtering, but I don't think it asks firefox for help.
Which extension is this? I want to try it, I'm tired of beeroclock.
Can't a large mail provider use its access to millions of sent messages to gather extra statistics about "repeated patterns" which can help it identify spam more effectively?
... It's not project Gutenberg, it's current event headlines pasted in the subject line. I don't even have to watch the morning news anymore, I just browse my spam folder.
Here's an example from today:
"The fire is continuing to make its move because of gusty winds and dryness," Marzec said. "Every time we make headway we're back where we started."
I didn't add the quotes, they were already there.
Anyone else seeing this type of spam?
Maybe you could argue that you shouldn't have to - but is $60 a year a big price to pay for this control? - besides, then you can use whatever spam methods you like, SA, grey listing, disposable addresses.
Well, spamming isn't a crime worth pursuing, but now they've crossed the line into copyright infringement - boy, are they in trouble now!
It's not wasting time, I'm educating myself.
That's danger money. You can get lynched.
My client-side email app does filtering on the header only. It also applies a few tests to the sender name and email. (Reads each header off the server, checks it out, rates it spam, not spam, or unsure.)
I get phenomenal accuracy without looking at the body, and it's quicker too.
Hal Spacejock: Science Fiction with Nuts
It would be nice if my email provider could let me filter based on language or character set - I don't read Russian, Chinese, Hangul, or Hebrew, so anything in those character sets is spam. The ISP where my email ends up lets individuals whitelist people, but doesn't let me pick per-language SpamAssassin weights (and doesn't want to block those languages because some of his customers do speak them.)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
It speaks for itself. The Mail server has been running 23 days now.
53.7% gets blocked by Real-time blacklists.
83.2% messages still don't have SPF records in their DNS.
While our server manages 94% SPAM-vs-Legit messages. Back in 2005, we were at 98% SPAM-vs-Legit messages.
So, we are infact seeing less spam, but not that much of a difference.
there wouldn't be much repeat spam
All it takes is an asshole THINKING that there is money to be made. Maybe he saw some other asshole spamming and assumed that there was money to be made. The spammers need not make any money; there only needs to be an endless supply of assholes who THINK that they will make money.
All spamming is advertizing for spamming. The flood of spam advertizes that it works, no matter if this is true or not.
If my mother-in-law always sends me a chatty email, it won't be marked spam. (assuming I don't train the filter to consider her a spammer)
Problem: the first email from this person
If the filter threshold is set to junk these chatty spams, then it is tough enough to eliminate the first email from any chatty person.
Sure, the phosphoric acid gives it a pH of 2, but that's good for dentists.
I'd worry more about "Snort coke!".
http://linuxmafia.com/faq/Mail/challenge-response. html
Help poke pirates in the eyepatch, arr.
I'm ready for drastic pragmatic solutions. Make it against the law to purchase anything from an email. Make a law that no commercial entity can send email to anybody without that person specifically activating membership in the organization. Put captcha systems on all email interfaces, even installed systems, and outlaw text-based email interfaces that can be scripted. I do not care how extreme it is. Outlaw email, period, and we can just leave comments in each other's blogs (my blog captcha stops 100% of all spam!!!).
This is stupid. We're the species that's trying to cure cancer and AIDS, and explore space, and work towards world peace, but we're all helpless to cure our electronic advertizing disease.
I don't know the answer to your question, but am pretty sure that Paul Graham and I were interviewed before the WSJ picked this up (that is, that the WSJ are the ankle-biters, in this case). Here's the link to the NPR piece, with transcript and audio: http://www.npr.org/templates/story/story.php?story Id=5624749
Here's what I can tell you. After over a year of use with it, about 3 spammers have answered the challenge, and each of those occurrences were quickly resolved with a simply moving of their whitelisted address to the blacklist. I've not received one email where a spammer used (guessed) a whitelisted address. The challenge I'm currently using is extremely simple and worded as such; simply reply to the email and you've answered the challenge. This only needs to be done once, and if a non-spammer can't figure that out, I probably don't want to be communicating w/them via email in the first place. Evil (by guesses on how it really works, not facts) or not, I recieve no spam and to be honest, that's it's purpose. So in my opinion, it works as planned.
My Tech Posts on Twitter
Maybe the solution to untrainable filters, if there really is a way to do this, is to use other means. If you're concerned about all this check out the ASSP project at http://assp.sourceforge.net/ or http://www.magicvillage.de/~Fritz_Borgstedt/assp/ for the absolute latest stuff, and don't worry so much about the Bayes part of things. It uses bayesian filtering also, but it incorporates a wide array of other methods to block spam which happen before it even gets to the bayesian filters.
Someone should look into any copyright infringment involved with sending emails of text from litrature by a for profit company.
THIS SPACE FOR RENT
But please in order to for this to take place as soon as possible it is neccesary for you to tranfer the amount of 2000 dollars to my account to help me pay the costs of contacting her. I will be awaiting your postal order.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
The Illuminata are missing on it, this is not a real form !
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..