You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Charles Gregory <cg...@hwcn.org> on 2004/02/24 18:00:02 UTC
Re: [spa] Re: new kind of spam?
On Tue, 24 Feb 2004, Andy Spiegl wrote:
> Hm, I'm wondering why nobody replied to my posting. Did I do something
> wrong?
For some reason, the first time you posted, the links to samples did not
work. A lot of people on here don't have time to teach people how to post,
or feel rude saying so. So we just move on....
As for your spam. I see nothing particularly 'wrong' with it.
The font colors fall just outside the range that spamassassin considers
'invisible'. You might consider using the 'random word' rules that have
been posted here (the absence of punctuation is the giveaway).
SA really can't do any significant scoring on the fact that GIFs are
attached to the mail....
- C
> > Hi, recently I get lots of this type of spam but SA doesn't detect it.
> >
> > text/plain part: bayes poison (random words)
> > text/html part:
> > <html>
> > <body>
> > <p><font color="#FFFFF6">o54RTRtW H75u 8k35DWC74 BV1Ux626 37E4q6c T03O2 5p0v JH 8mv5m1j bH8uj5l0 Q2M 87trccQJc k1YHo 384W4 2IkP6</font></p>
> > <A href="http://softsale.pe.kg"><IMG src="cid:H61OH4mFLXutAPEb61W60xJ468i3xx57" border=0></A>
> > <p><font color="#FFFFF0">BUGm1 Tc6dA5510 iiUM5354 6GsB H0676 2hK578xW ao8 RY4 r303o6 2v5n7 2a63i0R d42</font></p>
> > <p><font color="#FFFFF8">2874W UIxK2n 75k622 CTYS 2Ob0</font></p>
> > </body>
> > </html>
> >
> > Then one or two GIFs attached.
> >
> > Complete examples can be found here:
> > http://andy.spiegl.de/sa-spam1.txt
> > http://andy.spiegl.de/sa-spam2.txt
> > http://andy.spiegl.de/sa-spam3.txt
> >
> > Has someone figured out a rule already?
> > Thanks,
> > Andy.
>
> --
> o _ _ _
> ------- __o __o /\_ _ \\o (_)\__/o (_) -o)
> ----- _`\<,_ _`\<,_ _>(_) (_)/<_ \_| \ _|/' \/ /\\
> ---- (_)/ (_) (_)/ (_) (_) (_) (_) (_)' _\o_ _\_v
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Finagle's Third Law:
> In any collection of data, the figure most obviously correct,
> beyond all need of checking, is the mistake.
>