Paid Advertising is
ha.ckers sla.cking
Ways to stop spam, detect robotic activity, and actually harm the spam trade, as well as how it works, how to circumvent filters, etc. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Anti-Spam heuristics
Posted by: rsnake
Date: August 24, 2006 12:00PM

A few years back I went to an email conference where I heard a number of anti-virus and anti-spam technical folks talking on a panel about some of their tactics and where the trends were going. It was a bit of a yawn-fest, but one comment got me thinking. They basically said that one of the variables they use for detection is so easy to fix they couldn't tell anyone, but it has to do with the fingerprint they leave on the system they are sending email to.

I happen to know a bit about spam, as one of the email accounts I have is so old, and so well distributed on the net, that I've nearly crushed the email servers that host my mail in spam. In fact, we get so much spam that one of the anti-spam companies uses it as heuristics to tune their own spam engines. Amazing! And even after that I still have my own anti-spam filters, AND I still get spam. It's crushing.

But I wonder what that fingerprint is. It could be something as simple as sending something in lowercase when all other MTUs send it in uppercase, or adding an extra line feed or anything small. Anyone have any ideas? It might give us a clue as to what to search for in terms of other applications.

- RSnake
Gotta love it.

Options: ReplyQuote
Re: Anti-Spam heuristics
Posted by: bodil
Date: April 08, 2007 03:32PM

I get around 1.000 spam mails per week, on one of my accounts. Its a gmail account, and the name includes a dot. half of the spam i get is send to my account without using the dot though, but it still gets through. Like if my account was "" and some one send a mail to "" it will still get to me. It could be coincidence, but i have never seen a spam to this address without the dot in my inbox.

Options: ReplyQuote
Re: Anti-Spam heuristics
Posted by: hackathology
Date: April 10, 2007 12:57AM

how about, i dunno will that works. But i guess it most probably not.

@Rsnake: Why they couldn't tell anyone?

Options: ReplyQuote

Sorry, only registered users may post in this forum.