You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by decoder <de...@own-hero.net> on 2006/08/28 16:00:23 UTC
Now ascii spam instead of real pictures
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello there,
A friend of mine recently received a mail containing an ASCII image
advertising meds. The mail is attached.
Anyone seen this before? Do rules exist already against this kind of spam?
Chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE8vb3JQIKXnJyDxURAlpDAKCcMJNgdznSZnga1uZst+Lhc2iCIwCgvJP3
41fvggKf/jHtrac0n+sAdQA=
=4Ehg
-----END PGP SIGNATURE-----
Re: Now ascii spam instead of real pictures
Posted by jdow <jd...@earthlink.net>.
From: "decoder" <de...@own-hero.net>
>
> Hello there,
>
>
> A friend of mine recently received a mail containing an ASCII image
> advertising meds. The mail is attached.
>
>
> Anyone seen this before? Do rules exist already against this kind of spam?
jdow curtsies in the general direction of the creativity that (mis)used
ASCII art this way. (Then she pulls out her handy .38 and sends along a
head shot or three his way - the laser dot is right on his forehead.)
Now THAT one will be a hard one to catch. It's time to resurrect the
chickenpox and similar rules. A chickenpox plugin to count the pox
would be a good idea. Of course, this will require tuning for handling
the inevitable creativity I can see coming.
{^_-}
Re: Now ascii spam instead of real pictures
Posted by Logan Shaw <ls...@emitinc.com>.
On Mon, 28 Aug 2006, decoder wrote:
> Loren Wilton wrote:
>> Ah. Sig-file format. That is I guess a slight new twist. This
>> sort of thing was popular for a month or two a couple of years ago.
>> I suspect they gave up on it then because it was probably done by
>> hand and not worth the effort.
> Yea this could probably be catched by looking for huge amounts of
> typical ascii art characters like \ | / ( ) etc...
The particular example that started this thread looks like
output from the "figlet" program. See:
http://www.figlet.org/
http://www.figlet.org/examples.html
Of course, as soon as you create a plugin or rules that
recognize figlet output, then they will start creating it
by hand. Or modifying figlet output. So it would be helpful
to create a rule that keeps that in mind.
Also, it might be bad to create a plugin or rule that matches
any ASCII art in any message. Not all ASCII art is spam.
- Logan
Re: Now ascii spam instead of real pictures
Posted by decoder <de...@own-hero.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Loren Wilton wrote:
> Ah. Sig-file format. That is I guess a slight new twist. This
> sort of thing was popular for a month or two a couple of years ago.
> I suspect they gave up on it then because it was probably done by
> hand and not worth the effort.
>
> Probably not too hard to catch this sort of thing.
>
> Loren
>
Yea this could probably be catched by looking for huge amounts of
typical ascii art characters like \ | / ( ) etc...
Seems like a case for SARE ;D
Chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE8xrvJQIKXnJyDxURAmzGAJ4idww42k0/f/P+7ah7Jg3+skFW/QCgitFW
rAp+8JQeCHf9m1/QUyaSw4s=
=gg81
-----END PGP SIGNATURE-----
Re: Now ascii spam instead of real pictures
Posted by Loren Wilton <lw...@earthlink.net>.
Ah. Sig-file format. That is I guess a slight new twist. This sort of
thing was popular for a month or two a couple of years ago. I suspect they
gave up on it then because it was probably done by hand and not worth the
effort.
Probably not too hard to catch this sort of thing.
Loren