Re: OT: Criminal Spammers

• From: "Brian Drought" <brian@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 28 Oct 2003 16:35:06 -0000

Jim,

> ..of course, you could set up a content filter to drop anything like
> "http://&#";, since no self-respecting business would be trying to sneak
> around your spam filters, would they?

I'm writing something that does just this. It also treats links with your
email address in with some suspicion.

Also, it decodes the email into words and then checks the validity of each
word against a database of known words (some 400,000!). If the ration of
bad/good words is aboe a certain threshold in either subject or title it
bins the email.

Also checks for invalid HTML (no </body> </html> tags etc, then for
invisible text etc etc. Seems to pick out about 95% of what our GFI server
is missing (with the latest list of keywords I grabbed from this list!)

  Bri

Other related posts:

• » OT: Criminal Spammers
• » RE: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » RE: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » RE: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » RE: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers
• » Re: OT: Criminal Spammers

1. Home
2. isalist
3. Archive
4. 10-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---