[THIN] Re: OT: spam gifs
- From: "Matthew Shrewsbury" <MShrewsbury@xxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 25 Apr 2006 16:47:28 -0400
If the gif image is opening from a url then your said system works fine.
We are talking when gif image is embedded in the email. Although lists
do work well spammers use throw away domains that last in some cases as
little as 24 hours and the lists can't keep up with that.
Matthew Shrewsbury, MCSE+Internet MCSE 2000 CCA Server+
Network Manager
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Euan Cooper
Sent: Tuesday, April 25, 2006 4:35 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: spam gifs
Our anti spam filter catches most of these type off spam - they all use
html to display the giff (or tiff of jpg) and an <a href> to point ot a
web site - by comparing the url with lists of known SPAM urls we get a
very high "hit rate" on this type of spam. The vendor maintains the
list of known spam urls, so as new ones are found our system detects
them.
In our case we could not simpy block image files as we have legitimate
business needs to allow images in e-mails
-Ec
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx
[mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf Of Matthew Shrewsbury
Sent: 25 April 2006 4:26 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: spam gifs
I banned *.gif files last year and have not regretted it. I use
a open relay filter that just removes the *.gif files from the email.
Matthew Shrewsbury, MCSE+Internet MCSE 2000 CCA Server+
Network Manager
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx
[mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Roger Riggins
Sent: Monday, April 24, 2006 11:53 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] OT: spam gifs
We've recently started receiving some spam that is simply a .gif
that contains the text so the spam filters aren't able to check content.
It appears that the only way to block this is to ban messages that
contain .gifs. Is it going to eventually come to that? Are any of you
running into the same dilemma?
Thanks,
Roger Riggins
Network Administrator
Lutheran Services in Iowa
w: 319.859.3543
c: 319.290.5687
http://www.lsiowa.org
Lutheran Services in Iowa Confidentiality Notice
==================================================================
The information contained in this communication may be
confidential,
is intended only for the use of the recipient(s) named above,
and
may be legally privileged. If the reader of this message is not
the
intended recipient, you are hereby notified that any
dissemination,
distribution, or copying of this communication, or any of its
contents, is strictly prohibited. If you have received this
communication in error, please return it to the sender
immediately
and delete the original message and any copy of it from your
computer
system. If you have any questions concerning this message,
please
contact the sender.
Other related posts:
