Re: CRIME Interesting way around spam filter

From: Crispin Cowan (crispin@private)
Date: Mon Jun 02 2003 - 08:35:55 PDT

  • Next message: George Heuston: "[PLUG] CHANGE--C.R.I.M.E. meeting 06/11/2003 @ 10AM @ Verizon"

    Shaun Savage wrote:
    
    > I don't look at mush spam, but this caught my eye. Not the spam but 
    > the why it is hidden inside HTML. 
    
    Yeah, they've been doing that for a couple of months now. It is clearly 
    aimed at frustrating word-based spam recognition.
    
    In a similar time span, my Mozilla Bayesian spam filter's effectiveness 
    has dropped like a rock, now recognizing only about 50% of spam.
    
    Question: is it the case that Mozilla Bayesian spam filtering is done 
    only on the raw message text? Or do they do word analysis on rendered 
    HTML as well? For that matter, where is the documentation on what it is 
    analyzing? I can't find it.
    
    More broadly: does the community believe that spam has become so bad 
    that it can be considered a security problem?
    
    Thanks,
        Crispin
    
    > Shaun
    > ----------------------------------------------------------------------------------------------------
    > <Html><BODY><br><br> H
    > <!--side, however great Franz's desire was to allude to their -->i 
    > Postmaster...<br><br>Than
    > <!--as a second country. -->k you for expressing interest in ATGWS 
    > Watches.<br><br>We would like to take tH
    > <!--you from being so? -->is opportunity to offer you our finest 
    > selection of Italian crafted Rolex Timepieces.<br><br>
    > <!--upon by all as a man of talent, since those who have never -->You 
    > can view our large selection of Rolexes (including Breitling, Tag Heuer,
    
    -- 
    Crispin Cowan, Ph.D.           http://immunix.com/~crispin/
    Chief Scientist, Immunix       http://immunix.com
                http://www.immunix.com/shop/
    



    This archive was generated by hypermail 2b30 : Mon Jun 02 2003 - 09:02:02 PDT