[Spambayes] More "spam of the future" lately?

Tim Peters tim.one at comcast.net
Tue Dec 16 17:24:52 EST 2003


[Matthew Dixon Cowles]
> I've gotten a few of those lately. I've found that Richard Jowsey's
> idea of retrieving the URLs in messages that score in the unsure
> range and scoring the pages received as a sort of synthesized message
> helps a good bit.

Is that checked in as a "standard albeit experimental" option yet?  It
should be.

> That's a somewhat controversial thing to do. People have pointed out
> that if everyone did it, it would enable a spammer to engineer a
> distributed denial-of-service attack against some site they didn't
> like.

There aren't enough spambayes users for me to worry about that; then cut by
the number who would actually enable this option, and multiply by their
unsure rate.  It wouldn't amount to much in the end.

> But I expect that a spammer could engineer an attack like that
> more easily just by including a URL that pointed to the innocent
> server with a link that said "Free sex here".

No, if spammers had *any* way to entice large numbers of people to click on
a link, they would use that way to sell their product instead.  The best
they could do is change the source for their highest-response-rate spam
campaign to point to a hated site instead of their own.

> The other problem with doing things that way is that web pages don't
> look a lot like emails. Web pages sometimes get scored as spammy for
> the wrong reasons.

Easily solved by changing Richard's gimmick to, e.g., stick a "web:" prefix
on each token generated from a web page.  That effectively creates an
independent (sub)database for tokens derived from parsing web pages.

> I haven't looked at the numbers carefully but since I get few hams in
> the unsure range, I could probably do just as well by setting my spam
> cutoff to 0.5 or so.

0.7 maybe, but you'd eventually regret dropping it to 0.5.




More information about the Spambayes mailing list