[CLUE-Talk] Gibberish in spam messages
Jed S. Baer
thag at frii.com
Sun Mar 23 23:49:25 MST 2003
On Sun, 23 Mar 2003 16:47:30 -0700
"Warren" <warren at guano.org> wrote:
> "Joe 'Zonker' Brockmeier" <clue at dissociatedpress.net> wrote:
>
> > My guess, and it is only a guess, is that it is a tracking method
> > for people who report spam.
>
> I didn't think of that, but I guess it's possible. On the other hand,
> once you have information on who's reporting spam and are savvy enough
> to mine that data, then what do you do with it? I don't think that
> there are any SQL gurus among the spamming crowd.
Well, don't kid yourself. There are plenty of talented programmers who
have no compunctions about writing software for spammers. Money is the
only motivation that matters to them. Doubleclick was able to hire
programmers to setup their whole cookie/ad/database thing.
> I'm seeing quite a bit of "encoded" spam messages - not plain text or
> html, but some binary encoding. I'm not using SpamAssasin yet, but the
> traditional stone age methods - blacklisting, filtering sub-strings,
> etc - and can't quite figure out how to block these.
Have you looked at your mime headers? It's probably base-64 encoded text.
Or maybe even compressed. Remember that web servers/browsers support
on-the-fly compression/decompression. No reason to believe that isn't part
of "HTML-formatted" e-mail sometimes. I've seen what you're referring to,
I think. It was some sort of mime-encapsulation. Remember the whole reason
for uuencoding? Mail had to be 7-bit, because not all gateways were 8-bit
clean. Therefore, mail couldn't be used to send binary in the raw. I'd
guess the same situation is still accounted for when sending any non-ascii
mail, such as a UTF8 encoded character set.
jed
--
I wouldn't even think about bribing a rottweiler with a steak that
didn't weigh more than I do. -- Jason Earl
More information about the clue-talk
mailing list