I don't know if this is possible but... If it's an unkown sender, default to plaintext only (with the option to remove all *ML tags). Lets the email client automagically configure hyperlinks. If it's a known sender in address book, then OK for html body. Optionally, a click of a button would transform that plaintext into HTML (for newsletters and such). Hmm, I might submit that for Mozilla, perhaps one day they will be able to connect to Exchange servers. Unless someone knows of a email client that does this? Alternativly... Everyone should start sending plaintext, I don't see the point in HTML stuff, except for news letters and such, but that's just my opinoin. Kenny Mann >-----Original Message----- >From: Mark Hippenstiel [mailto:M.Hippenstiel@xxxxxxxxxxxx] >Sent: Tuesday, October 28, 2003 4:33 PM >To: [ISAserver.org Discussion List] >Subject: [isalist] Re: OT: Criminal Spammers > > >http://www.ISAserver.org > > >You could strip all withespace and non-alphabet characters >from the text, giving you > >AIUNTSOUXRXAXNXCXE > >A partial string analysis against any dictionary (let's say >the threshold should be 3 chars at least) would not yeald any >valid word. Add a thousand points to the spam counter :) Or >you could do a letter frequency analysis (well, at least as >long the X are present). > >It's a good thing to do anyway if you want to get around >exessive html tagging like <td>S</td><td>P</td><td>A</td><td>M</td> > >Mark > > >> -----Original Message----- >> From: cismic [mailto:cismic@xxxxxxx] >> Posted At: Tuesday, October 28, 2003 10:21 PM >> Posted To: www.isaserver.org >> Conversation: [isalist] Re: OT: Criminal Spammers >> Subject: [isalist] Re: OT: Criminal Spammers >> >> >> http://www.ISAserver.org >> >> I think I should publish all the little tricks that I see >them using. >> A - - - I U - - - N >> T - - - S >> O - - - U >> X - - - R >> X - - - A >> X - - - N >> X - - - C >> X - - - E >> This is one of the latest methods that I've discovered. Very hard to >> black this type of crap >> Anyone got any ideas? >> >> Joseph >> >> -----Original Message----- >> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] >> Sent: Tuesday, October 28, 2003 12:42 PM >> To: [ISAserver.org Discussion List] >> Subject: [isalist] Re: OT: Criminal Spammers >> >> >> http://www.ISAserver.org >> >> Yep; got a whole collection of it. >> >> Jim Harrison >> MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver >> http://isaserver.org/Jim_Harrison >> http://isatools.org >> >> Read the help, books and articles! >> ----- Original Message ----- >> From: "cismic" <cismic@xxxxxxx> >> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> >> Sent: Tuesday, October 28, 2003 12:29 >> Subject: [isalist] Re: OT: Criminal Spammers >> >> >> http://www.ISAserver.org >> >> Hi All, >> >> Do any of you actually save spam? I do since I find it >interesting to >> see how cleaver folks are when they add filtering crap all >around the >> click here to go there link's. Some of the new spam kind of reminds >> me of the old ascii art. >> >> Joseph >> >> -----Original Message----- >> From: Brian Drought [mailto:brian@xxxxxxxxxxxx] >> Sent: Tuesday, October 28, 2003 12:03 PM >> To: [ISAserver.org Discussion List] >> Subject: [isalist] Re: OT: Criminal Spammers >> >> >> http://www.ISAserver.org >> >> Spencer, >> I'm looking for valid words, so it'd look for "Pum.ps" in the SQL >> table, not find it and increment the duff word counter. ... but... I >> do like your thinking. I've seen some spam which is along the >> lines of 'Or >> your money back!!!!'. Excess of punctuation could make the code think >> it's a big more spammy (I'm trying to make it so it'll look >at lots of >> different things and evaluate it that way). >> >> One thing I've noticed aswell, is some spam has subject lines like: >> >> "Get pills >> jniihiodz jjojod" >> >> So I could look for a excess of whitespace aswell...... >> >> Keep the ideas coming folks :-) >> >> Bri >> >> ----- >> Something I have seen recently is the overuse of punctuation in >> sentences! >> >> For Example (no points for guessing the subject to the spam!) >> N.o Pum.ps >> - No S.urgery - No E.xercises *_100%_Money_Back_G.uarante.e >This seems >> to be acceptable to GFI. >> >> I don't know whether there's a way of counting the >punctuation/letters >> ratio and tagging them this way. >> >> ...Spence >> >> >> >> >> ------------------------------------------------------ >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Other Internet Software Marketing Sites: >> Leading Network Software Directory: http://www.serverfiles.com No.1 >> Exchange Server Resource Site: http://www.msexchange.org Windows >> Security Resource Site: http://www.windowsecurity.com/ Network >> Security >> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: >> http://www.ntfaxfaq.com >> ------------------------------------------------------ >> You are currently subscribed to this ISAserver.org >Discussion List as: >> cismic@xxxxxxx To unsubscribe send a blank email to >> $subst('Email.Unsub') >> >> ------------------------------------------------------ >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Other Internet Software Marketing Sites: >> Leading Network Software Directory: http://www.serverfiles.com No.1 >> Exchange Server Resource Site: http://www.msexchange.org Windows >> Security Resource Site: http://www.windowsecurity.com/ Network >> Security >> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: >> http://www.ntfaxfaq.com >> ------------------------------------------------------ >> You are currently subscribed to this ISAserver.org >Discussion List as: >> jim@xxxxxxxxxxxx To unsubscribe send a blank email to >> $subst('Email.Unsub') >> >> >> ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^* >> >> All mail from this domain is virus-scanned with RAV. >> www.ravantivirus.com >> >> ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^* >> >> >> ------------------------------------------------------ >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Other Internet Software Marketing Sites: >> Leading Network Software Directory: http://www.serverfiles.com No.1 >> Exchange Server Resource Site: http://www.msexchange.org Windows >> Security Resource Site: http://www.windowsecurity.com/ Network >> Security >> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: >> http://www.ntfaxfaq.com >> ------------------------------------------------------ >> You are currently subscribed to this ISAserver.org >Discussion List as: >> cismic@xxxxxxx To unsubscribe send a blank email to >> $subst('Email.Unsub') >> >> ------------------------------------------------------ >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Other Internet Software Marketing Sites: >> Leading Network Software Directory: http://www.serverfiles.com No.1 >> Exchange Server Resource Site: http://www.msexchange.org Windows >> Security Resource Site: http://www.windowsecurity.com/ Network >> Security Library: http://www.secinf.net/ Windows 2000/NT Fax >> Solutions: http://www.ntfaxfaq.com >> ------------------------------------------------------ >> You are currently subscribed to this ISAserver.org Discussion >> List as: isaserver@xxxxxxxxxxxx >> To unsubscribe send a blank email to >> $subst('Email.Unsub') >> > >------------------------------------------------------ >List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >------------------------------------------------------ >Other Internet Software Marketing Sites: >Leading Network Software Directory: http://www.serverfiles.com >No.1 Exchange Server Resource Site: http://www.msexchange.org >Windows Security Resource Site: http://www.windowsecurity.com/ >Network Security Library: http://www.secinf.net/ Windows >2000/NT Fax Solutions: http://www.ntfaxfaq.com >------------------------------------------------------ >You are currently subscribed to this ISAserver.org Discussion >List as: kennymann@xxxxxxxxxxx To unsubscribe send a blank >email to $subst('Email.Unsub') >