[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <017c01c38da3$7f58af50$3e2ea8c0@LUFKIN.DPSOL.COM>
From: purdy at tecman.com (Curt Purdy)
Subject: Spam with PGP
The answer to SPAM IMHO is filtering on the client side. Our server filter
gets 80%+ of it but I still got 50+ SPAMs a day. Since going to PopFile
proxy filter on my laptop (awsome & free @ sourceforge) I get maybe one a
week. It's based on Bayesian Theorum. Not bad for a 15th Century monk ;)
Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions
----------------------------------------
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity zar Richard Clarke
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of MaX Flebus
Sent: Tuesday, October 07, 2003 6:52 PM
To: Full-Disclosure@...ts.netsys.com
Subject: [inbox] Re: [Full-Disclosure] Spam with PGP
> I remember hearing this is another method for bypassing spam filters.
>Apparently some filters will pass e-mail with PGP signatures thinking it
>is legitimate. It is an interesting concept, though.
>
> I think my favorite is still the jpgin an html enabled e-mail with
>seemingly valid information and links that is actually a link to an xss or
>pr0n site. Spammers are starting to use better methodologies and soon
>filtering options will be almost impossible. I find it amusing to see what
>they will do next, though.
>
>-William
Well, this reminds us that a spam filter, although definitely a good
thing, it's not the definitive solution, just like a firewall IMHO.
You can't bet too much on a purely automatic solution.
Anyway, again like firewalls, I'm not so pessimistic: completely
filtering out what you don't want could be, OK, impossible but filtering
out almost all, is what we really need.
MaX
-- www.flebus.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists