Are the spammers using some sort of filter to obscure the text into something consistently decipherable? The messages I'm seeing lately remind me of the 'haxor', 'jive', 'chef' and 'kraut' filters (http://www2.dystance.net:8080/software/talkfilters/). While I like to think they're slaving away trying to come up with stuff that's almost-but-not-completely-totally-unlike-spam manually, I suspect it's automated by now.
h4x0r and g.a.p.p.i.n.g are actually getting to be "old" techniques by now. Those two were some of the first obfuscation techniques used.
Other stuff includes extra character insertion (ie, the one I quoted). Character duplications, rearrangements, single character changed to some other character at random, intentional mis-spellings, etc. If you look at the HTML source lots are doing gapping with HTML tags stuck between letters too (doesn't help against SA however).
Probably the newest trends (as I see it) are the extra character insertions, character duplication, and single character change.
Sometimes it's automated over the whole mail. Other times it looks like they are doing it only on certain "key" words.. It always looks like it was automated however. Spammers are big on automation... lots of volume to do, and it's all gotta look different to try to get one or two by a filter now and then.
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
