[Spambayes] Cute spam trick
Tim Stone - Four Stones Expressions
tim at fourstonesExpressions.com
Sun Dec 15 21:49:14 EST 2002
12/15/2002 6:40:39 PM, Derek Simkowiak <dereks@itsite.com> wrote:
>> Let the Len<!--yczvHV-->ders <br>
>> Com<!--yczvHV-->pete for your Lo<!--yczvHV-->an!</font></b></div>
>
>> [...] Our tokenizer does strip HTML comments, but replaces each with a
>> blank, so the spammy words remain broken up.
>>
>> I'll fix that.
>
> Pretend I'm a spammer.
>
>Hi! Gre<b></b>eat De<i></i>eals with lo<pre></pre>w rat<script></script>es!
>
> (I.e., not just comments, but valid HTML tags too.)
>
> For that matter, since unrecognized tags are ignored by browsers,
>it could be:
>
>Hi! Grea<foo>t de</foo>als He<bar>r</bar>e!
>
> Hell, it wouldn't even need too look like HTML:
>
>Hi! G<aa>r<bb>e<cc>a<ddd>t d<ee>e<ff>a<gg>l<hh>s h<ii>e<jj>r<kk>e<ll>!
>
> I haven't followed the discussions on HTML handling, but given
>this latest cute trick this other stuff can't be far away.
Right, but our current tokenizer would currently defeat all of these. It
would have defeated Tim's example, except that in the case of a stripped
comment, it replaced it with a blank. This is a great example of how the
efforts of teams like ours are already forcing spammers into more and more
convoluted behaviors, which will make their mail even more readily
recognizable! - TimS
>
>
>
>--Derek
>
>
>_______________________________________________
>Spambayes mailing list
>Spambayes@python.org
>http://mail.python.org/mailman/listinfo/spambayes
>
>
c'est moi - TimS
www.fourstonesExpressions.com
http://spamland.org/jsp/Wiki?ToDestroySpamIncludeThisLinkInAllLegitEmails
More information about the Spambayes
mailing list