lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <1065560177.3182.20.camel@tantor.nuclearelephant.com> From: jonathan at nuclearelephant.com (Jonathan A. Zdziarski) Subject: Spam with PGP > ---8<--- > </body></html>ahdmf uvhuex qnzysthoa > r > xdgmeqxqyawg > --->8--- > > And this nonsense "words" fool bayesian filters. they won't fool any good Bayesian filter, and actually I've found that they are an excellent way to identify spam, as many spammers are too stupid to change the jumble of letters at the end. but more importantly, a good bayesian filter that sees these "words" that it doesn't know should assign them a fairly neutral value. DSPAM assigns new tokens .4. Since Bayesian filtering uses the most interesting tokens (interesting meaning with the highest distance from a neutral .5), these tokens won't even get used in the final calculation and will be for all practical purposes ignored. and as I said, should the spammer start using these same "words" in multiple mailings, they'll be a great way to tag the spam. > As I said before, I think that bayesian filters are not perfect > (spammers use tricks to circumvent them). And I also think that > rulebased ones are'nt perfect too I haven't found a good trick spammers have used to get around my filters yet...the fact that Bayesian learns each user's specific behavior also makes it extremely difficult for a spammer to craft a message that would get through to a large number of people (how they make the little money they do make) since you can't just run a message through a rules list like you can with heuristic-based filters.
Powered by blists - more mailing lists