RE: Spam with no purpose?
[EMAIL PROTECTED] wrote: What would happen if an ISP's mail server were to collect the URLs in emails and then retrieve the URL. Wouldn't this create a lot of false positives for the spammer thus screwing with their business model? It has to be smarter; this would not reproduce the decay rate, for example. Would fool only beginners. Michel.
Re: Spam with no purpose?
A message like this will usualy contain an html portion with an image in it that is a single pixel in size, that is white-on-white. It doesn't show up when you look at it, but it sends a request to the sender's specified website to get the pixel, thus showing them which email accounts are active. except for those of us who don't use browsers to read mail and have html turned off in our mail readers. i just love those get a mail reader that can handle html responses to my requests not to post html to nanog and other ops lists. html ain't quite as bad as javascript, but with today's html hackin' kiddies, it's a close contest. randy
Re: Spam with no purpose?
On Thu, Apr 01, 2004 at 07:03:35AM -0800, Randy Bush wrote: A message like this will usualy contain an html portion with an image in it that is a single pixel in size, that is white-on-white. It doesn't show up when you look at it, but it sends a request to the sender's specified website to get the pixel, thus showing them which email accounts are active. except for those of us who don't use browsers to read mail and have html turned off in our mail readers. i just love those get a mail reader that can handle html responses to my requests not to post html to nanog and other ops lists. html ain't quite as bad as javascript, but with today's html hackin' kiddies, it's a close contest. randy for those who tire of the increasing complexity of email(*) may I recommend /usr/ucb/mail - a (relatively) small, lightweight MUA. --bill (*) plus attachments, video/audio clips, goofy fonts, textured/scented stationary, et.al. and/or POP/IMAP, procmail, spamassasin, black/white/grey-lists, DNS hacks, et.al.
Re: Spam with no purpose?
[EMAIL PROTECTED] wrote: for those who tire of the increasing complexity of email(*) may I recommend /usr/ucb/mail - a (relatively) small, lightweight MUA. (*) plus attachments, video/audio clips, goofy fonts, textured/scented stationary, et.al. and/or POP/IMAP, procmail, spamassasin, black/white/grey-lists, DNS hacks, et.al. I'm thinking Big Chief tablet and black crayon. -- Requiescas in pace o email
Spam with no purpose?
Can someone explain to me (publicly or privately) why someone would send spam with no product to sell, no position to pitch, nothing except text designed to get by a spam filter -- without even HTML to KNOW it got by a spam filter.. For example: From: Joe Legitimate [EMAIL PROTECTED] To: Deepak Jain [EMAIL PROTECTED] Subject: [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] --- EOM --- I don't understand why one would waste the time, if its a test, why would it get out in public? I would like to think I am being naive, but I just don't see the upside unless it were particularly targeted at me or my mailserver to determine our response or response time, etc. Thanks in advance, DJ
Re: Spam with no purpose?
On Wed, 31 Mar 2004 22:18:03 -0500 Deepak Jain [EMAIL PROTECTED] wrote: Can someone explain to me (publicly or privately) why someone would send spam with no product to sell, no position to pitch, nothing except text designed to get by a spam filter -- without even HTML to KNOW it got by a spam filter.. For example: From: Joe Legitimate [EMAIL PROTECTED] To: Deepak Jain [EMAIL PROTECTED] Subject: [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] --- EOM --- I don't understand why one would waste the time, if its a test, why would it get out in public? I would like to think I am being naive, but I just don't see the upside unless it were particularly targeted at me or my mailserver to determine our response or response time, etc. just out of curiosity, do you happen to use a mail reader which normally only shows you the text portion of a mime message? there's quite a lot of spam which has attempts at busting bayesian filters in the text section, and the spam payload is in the html section. richard -- Richard Welty [EMAIL PROTECTED] Averill Park Networking 518-573-7592 Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
Re: Spam with no purpose?
On Wed, Mar 31, 2004, Deepak Jain wrote: Can someone explain to me (publicly or privately) why someone would send spam with no product to sell, no position to pitch, nothing except text designed to get by a spam filter -- without even HTML to KNOW it got by a spam filter.. (a) kill bayesian filters - people would simply mark it as spam and then notice that their spam filters become less trustworthy. (b) list scraping - perhaps not random dictionary words (i've seen real-sounding meeting confirmation emails, for example, which a few unrelated friends of mine also received) to determine which email addresses are/aren't valid (c) Sometimes, I get spam with the above crap in the text body, but a spam-like HTML body. Adrian -- Adrian ChaddI'm only a fanboy if [EMAIL PROTECTED] I emailed Wesley Crusher.
Re: Spam with no purpose?
On Thu, 1 Apr 2004, Adrian Chadd wrote: On Wed, Mar 31, 2004, Deepak Jain wrote: Can someone explain to me (publicly or privately) why someone would send spam with no product to sell, no position to pitch, nothing except text designed to get by a spam filter -- without even HTML to KNOW it got by a spam filter.. snip (c) Sometimes, I get spam with the above crap in the text body, but a spam-like HTML body. numbing the masses to the pain
Re: Spam with no purpose?
Date: Wed, 31 Mar 2004 22:18:03 -0500 From: Deepak Jain [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Spam with no purpose? Can someone explain to me (publicly or privately) why someone would send spam with no product to sell, no position to pitch, nothing except text designed to get by a spam filter -- without even HTML to KNOW it got by a spam filter.. It is a probe to verify the address. since it did not bounce, the address is verified. Some spam filters filter out empty messages. The words avoid this. Regards, Gregory Hicks For example: From: Joe Legitimate [EMAIL PROTECTED] To: Deepak Jain [EMAIL PROTECTED] Subject: [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] [dictionary word] --- EOM --- I don't understand why one would waste the time, if its a test, why would it get out in public? I would like to think I am being naive, but I just don't see the upside unless it were particularly targeted at me or my mailserver to determine our response or response time, etc. Thanks in advance, DJ - Gregory Hicks | Principal Systems Engineer Cadence Design Systems | Direct: 408.576.3609 555 River Oaks Pkwy M/S 6B1 | Fax: 408.894.3479 San Jose, CA 95134 | Internet: [EMAIL PROTECTED] I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision. - Benjamin Franklin The best we can hope for concerning the people at large is that they be properly armed. --Alexander Hamilton
RE: Spam with no purpose?
On Wed, 31 Mar 2004, Michel Py wrote: Deepak Jain wrote: Can someone explain to me (publicly or privately) why someone would send spam with no product to sell, no position to pitch, nothing except text designed to get by a spam filter -- without even HTML to KNOW it got by a spam filter.. I'm surprised you only got it now. I had been receiving emails like that for probably at least a year. Likely two different goals here: 1. Reduce the efficiency of Bayesian-like filters: Trouble with this kind of email is that they are a) of sufficient length b) contain only real words c) contain none of the words regularly used by spammers such as the v. word. Have to agree, this foremost the reason. Its interesting however that spammers are doing it not for their own companies specific interest but for interest of their spamming industry in general You can bet that it won't be long until we see such messages that not only use only dictionary words, but furthermore are constructed with a valid grammar (and still mean nothing). I already saw it. Right now its just random phrases being put together and not yet entire text. And somewhere (actually several years ago), I've read of AI program capable of creating complete stories when its given some key phrases to start with, would not be surprised if same or similar algorithms began to be used. Personally I do not believe that bayesian filtering (or text filtering in general) is the way to fight spam, there is too much chance of filtering false positives along the way (and it is only increasing as spammers are is evident by what is discussed in this thread). Its better to focus on authentication of the source source and of trust mechanisms for legitimate mail senders. Spammers have a problem taht they are often operating against the laws or policies of their providers and they have to try to hide their identity and the mechanisms they use for that can be identified and loopholes closed as much as possible. -- William Leibzon Elan Networks [EMAIL PROTECTED]
RE: Spam with no purpose?
Michel Py wrote: You can bet that it won't be long until we see such messages that not only use only dictionary words, but furthermore are constructed with a valid grammar (and still mean nothing). William Leibzon wrote: I already saw it. Right now its just random phrases being put together and not yet entire text. And somewhere (actually several years ago), I've read of AI program capable of creating complete stories when its given some key phrases to start with, would not be surprised if same or similar algorithms began to be used. Mind forwarding a few? I believe that these are early probes though; no reason to kill the bunch of dictionary words technique too early. Michel.