John D. Hardin wrote: > All: > > A few posts back was a suggestion for checking the MD5 checksum of > attached images against a blacklist to catch the current wave of > attached-image-only stock pump-and-dump scam spams. > > Taking that to its logical conclusion suggests the creation of a > public Image Realtime Block List along the lines of what SURBL > provides for URLs, and extending SA to MD5-sum attached images and > check them against the block list. > > Is this a good idea? Is this a bad idea?
It's a great idea.. it's called Razor2, although they use sub-selection SHA1 hashing. (since razor works on a per-mime part basis, it does wind up handling images, or any other attachments, as separate e4 hashes)