lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1068954676.3094.15.camel@Star.BerthoudWireless.net>
From: security at 303underground.com (Scott Taylor)
Subject: SPAM and "undisclosed recipients"

On Sat, 2003-11-15 at 19:37, Kristian Hermansen wrote:

> There should be a way to stop the email spamming.  You could use their
> weaknesses as a way to prevent spam.  The fact is that most SPAM is sent in
> MASS quantities all at one time, or a very short interval.  If servers could
> somehow have a "global awareness" of the activity of spammers this could be
> prevented.  Take for instance Hotmail.  Millions of users have accounts
> here.  Hotmail could "sense" a massive flood of "identical" content to
> multiple users of their service and automatically label it as SPAM.  Of
> course, the downside is legitimate mass mailings that are sent out everyday
> from places like PC Magazine, Security Focus, and other opt-in mailing lists
> would be flagged as well.  Unless, in a new email security protocol, they
> implemented user specified WHITELISTS on email servers to allow legitimate
> bulk emails (that otherwise would be flagged) to be let through.  A sort of
> "Guilty until proven innocent" approach.  Just a thought... 
> 
>  
> Kristian Hermansen
> CEO - H&T Technology Solutions
> khermansen@...technology.com

This is the basis of razor/pyzor/dcc - finding fingerprints within the
content of messages and comparing a new email to a public database of
fingerprints of reported emails.

SpamAssassin will use those as factors, it adds in scores from various
realtime blackhole lists, sitewide or user-specific bayesian scoring,
plus assigning points based on characteristics like colored backgrounds
and lines of all yelling. And it supports user and site-wide whitelists
and blacklists. And it will weight your new score based on previous
emails you sent - so regular business contacts can get questionable
emails through if they have a history of good scoring email. And
spammers just dig themselves a deeper hole. With all the features
available, so grows the effort to tune it the way you want. And admins
who only know their way around a GUI will quickly get lost, as there is
no GUI. Of course, anyone requiring that probably shouldn't be allowed
in the server room in the first place without an escort. 

--
Scott Taylor - <security@...underground.com> 

BOFH Excuse #389:

/dev/clue was linked to /dev/null

Powered by blists - more mailing lists