The answer to SPAM IMHO is filtering on the client side. Our server filter gets 80%+ of it but I still got 50+ SPAMs a day. Since going to PopFile proxy filter on my laptop (awsome & free @ sourceforge) I get maybe one a week. It's based on Bayesian Theorum. Not bad for a 15th Century monk ;)
Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity zar Richard Clarke -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of MaX Flebus Sent: Tuesday, October 07, 2003 6:52 PM To: [EMAIL PROTECTED] Subject: [inbox] Re: [Full-Disclosure] Spam with PGP > I remember hearing this is another method for bypassing spam filters. >Apparently some filters will pass e-mail with PGP signatures thinking it >is legitimate. It is an interesting concept, though. > > I think my favorite is still the jpgin an html enabled e-mail with >seemingly valid information and links that is actually a link to an xss or >pr0n site. Spammers are starting to use better methodologies and soon >filtering options will be almost impossible. I find it amusing to see what >they will do next, though. > >-William Well, this reminds us that a spam filter, although definitely a good thing, it's not the definitive solution, just like a firewall IMHO. You can't bet too much on a purely automatic solution. Anyway, again like firewalls, I'm not so pessimistic: completely filtering out what you don't want could be, OK, impossible but filtering out almost all, is what we really need. MaX -- www.flebus.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html