Re: Interesting article about how spammers beat filters

[Justin Mason <jm...@jmason.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Chris Santerre writes:
> I remember his talk at MIT. It was nice, but like the article said, each
> person's Bayes DB is different. So he basically only figured out his own
> words to get thru the filter. Sending 1000s of emails to a single person to
> defeat there single bayes db is crazy. They may send 1 spam 2-3 times per
> email addy. SO basically they would have to up there output by 1000X???

*tens* of thousands of messages, and it requires that bounces are returned
if the message is matched as spam (a feedback loop).

His talk basically came to the conclusion that

  1. it's useless for spammers, since they cannot expend that much effort
  for each recipient's Bayes training;

  2. bouncing detected spam is a Bad Thing since it allows spammers to
  perform this fine-tuning (theoretically).

  3. MUAs that load images from remote servers are likewise a Bad Thing,
  since it also provides a back-channel for them.

The Beeb, and /., are making it sound like a weakness was found.  This
is not the case.

- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFAIUeTQTcbUG5Y7woRAv1mAKDM1OMLaUobdP55k/uBohbjV2dZHgCgn9KB
7T7xLkN4bGZicxN1zTrPXtg=
=G/rd
-----END PGP SIGNATURE-----