What is Digg?Sponsored by Microsoft
Microsoft responds to the headlines. view!
microsoft.com/everybodysbusiness - Read our developers' points of view on the headlines making news.
57 Comments
- inactive, on 10/12/2007, -1/+29No. Its only when IDIOTS stop buying fake viagra and penis enlargement ***** that the spam plague will go away.
No sales would equal no spam, but there are always utter idiots who will buy the stuff. - chetchez, on 10/12/2007, -2/+29Was it from Russia with Love?
- InvisionUK, on 10/12/2007, -2/+17Image spam is definitely not new. I've been receiving it from Russia for years.
- chris9902, on 10/12/2007, -1/+13"Random content with images.... annoying!"
that's most of the internet. - jotux, on 10/12/2007, -11/+22The country of Russia emails you?
- blapierre, on 10/12/2007, -4/+13No, you dumbass, spam already mails you. You mail it from Soviet Russia.
- rparle, on 10/12/2007, -0/+9Thunderbird blocks external images by default so that spammers can't find out which addresses are active by looking at which images are requested. But embedded images, which these spam messages use, are displayed.
- Slist, on 10/12/2007, -0/+9It wouldn't work, unfortunately...
"'The pictures are generated so that every e-mail sent is slightly different,' says Marx. This is achieved by changing the size or formatting of a picture. Even a few altered pixels can let an e-mail sidestep a filter." - scheper, on 10/12/2007, -1/+9Images are disabled by default on gmail, and they usually go straight to the spam folder
- zeno60, on 10/12/2007, -0/+7Sorry, couldn't read the article cause frickin verizon ad's are taking over their site.
- felchdonkey, on 10/12/2007, -4/+11digg me down
- troon, on 10/12/2007, -0/+6I find a combination of MIMEDefang, SpamAssassin, greylisting and sender address verification works extremely well for me and the 250 people for whom I run a forwarding service. Very little gets through that.
The most effective filter is a simple MIMEDefang test for a RFC-valid HELO string - I'm amazed how many spam senders don't get this right. It saves bandwidth by rejecting the message before any data is sent.
@TinyClanger - you'd only need to do the OCR once for each image. Store a hash (md5) of the image data as the key, and the text as the value in a table. Then when another message comes in, hash the image, look up, and return the text if found. - Gondolieri, on 10/12/2007, -0/+6Actually both bad spam-filtering and pickup rates contribute to spam prevalence.
- timing, on 10/12/2007, -0/+6True, the Gmail spamfilter had a hard time filtering the image spam I recieved. But now I do not recieve any image spam in my inbox. My spambox is full with them.
- rfunches, on 10/12/2007, -1/+7"Image spam is definitely not new. I've been receiving it from Russia for years."
It may not be new but whatever the spammers have been doing -- probably with the nonsensical text they've been throwing in that looks like fragments from a dozen novels or one of those "fake" websites with pages of keywords that plague Google searches -- has finally gotten past spam filters. The filtering my e-mail service uses (Brightmail, internally-maintained filters, RBL etc.) has been excellent until a few months ago when this exact type of spam started getting through. Since I've reported most of it as spam, it's slowed to maybe 2-3 a week, from about one a day. - aak4, on 10/12/2007, -4/+9Get revenge against the spammers: http://www.spamitback.com. The more people who use it, the more effective it is. (It's running on my computer now).
- rparle, on 10/12/2007, -4/+9"Fase"?
Try "phase". - jayfarer, on 10/12/2007, -0/+5I get nothing but image spam in my University email. At least we can still always tell by the nonsensical subject lines.
- eclectro, on 10/12/2007, -1/+6I wouldn't call the current crop of new spam filters bad, just that the spammers have no bottom to their sleaze.
- whalesalad, on 10/12/2007, -0/+4http://static.flickr.com/89/233182834_423f11399f_o.png
I get so many of those damn emails. Some of the titles are pretty funny, but annoying nonetheless. Random content with images.... annoying! - Ratteler, on 10/12/2007, -0/+4With all the freedom of speech restrictions being shoved our thoats by Bush and the Homoland Security, why in ***** sake can we not get class action suits against companies who are promoted through spam.
If a "stock tip" in a company is sent under false return emails to billions of people who don't want it, we should be able to sue the company for invasion of privacy, and make them sue who ever is sending the crap out.
It would also make life easier if Spam Filters in Thunderbird and other E-mail clients had "White" lists instead of black lists.
Instead of trying to kick out everything that you don't want, which is now the majority of e-mail, just lock your door and give the key to those you want to contact you. - whalesalad, on 10/12/2007, -0/+4Heh, yeah the obnoxious ads on websites are worse than email spam for me...
- inactive, on 10/12/2007, -2/+6Images are also usually blocked in Outlook Express. You have that dinky little 'click here to view images' thing.
And seeing as OE is probably the most widely used email client (note, I did not say best) thats a lot of image based spam that is not going to be effective. - TinyClanger, on 10/12/2007, -0/+3One nifty thing to do would be OCR any images coming in and add the content as a text attachment so it can be scanned by the spam detector.
You'd need a beefy mailserver to do it for an entire ISP, though, so it's probably best kept on the client side — by which time you've wasted the bandwidth anyway :( - ModernTenshi, on 10/12/2007, -2/+5Some of the spam I get comes from Russia with L0V3 p|llz fur yu 5|-|rt dik!!1!
- jcronkhite, on 10/12/2007, -0/+2I finally got tired of dealing with spam and went to www.spamarrest.com. This is great because it makes senders verify they are at least real by a verification email (a one time deal). You can upload an address book of your contacts so they'll be let through. New spamming methods don't matter because of this.
I know this sounds crazy, but I have not received one spam message on the mailboxes I'm protecting with this service. It's been almost 5 months. Seriously. - darkyoshi, on 10/12/2007, -1/+3"Begun, the Spam Wars have." -Master Groda
- inactive, on 10/12/2007, -0/+2Welcome to 2004, when Firefox introduced the Adblock plugin. Jeez guys, get with the times. I don't even know what an ad-filled page looks like anymore I've been adblocking for so long.
- involution, on 10/12/2007, -1/+3See Fuzzy OCR module for spam-assassin.
http://users.own-hero.net/~decoder/fuzzyocr/
I used to get 20-30 of these per day on my mail server, now none get through. - inactive, on 10/12/2007, -0/+2I have a crusty old add-in for Outlook called Spambayes. It works pretty damn well, particularly after some training, but the devs must have died or something because it hasn't been updated for like 2 or 3 years. It still works like a champ though, I suggest googling it.
- ngageguy, on 10/12/2007, -0/+1I remember somewhere seeing a filtering trick for images, I thought it was from lifehacker.com, but a search didn't bring it up. I did find this one that may be of use.
http://lifehacker.com/software/tag/use-gmail-as-a-spam-filter-39422.php - Lodarage, on 10/12/2007, -6/+7What a fool idea to SPAM them back. Who's the spammer then?
"An eye for an eye and a tooth for a tooth and the whole world would soon be blind and toothless." - Mahatma Gandhi - inactive, on 10/12/2007, -2/+3Yeah, Exchange 2k3 is awesome. Personally I like the fact that to run it you need at least 2 other servers supporting it, one for the proxy and one for the global catalog. So that's 3 servers, *just to serve email*.
Retarded. Expensive. Only from the minds of Microsoft. - moylan, on 10/12/2007, -0/+1i used to have a problem with spam till i changed how i used my inbox.
i assume _everything_ in my inbox is spam. then i filter out legit email with filters and rules to separate folders. this means that all that is left in my inbox is spam. quite easy to ditch it after that without even reading it.
of course gmails spam filter is pretty good and mdaemon which i use at work is not shabby either. down to about 4 spams a day in my inbox and thunderbird gets 2-3 of those and bins them. - BarriedaleNick, on 10/12/2007, -0/+1I've noticed the increase of this sort of spam for my organisation but I just send it on to our message filtering company - with in a few days everything is great. Then the spammers start sending different sorts of images and we start again. Ho Hum.
- turbo2ltr, on 10/12/2007, -0/+1The problem here is that everyone is looking for a way to catch spam before it get to you. How about we go to the root of the problem, SMTP. This needs to be fixed so spammers CANT spam. Some kind of verification process that is client side. All the major email providers need to get together to tackle this instead of each doing their own thing like has happened in the past with yahoo and hotmail. No one wins if we fight against each other instead of the common enemy.
- terrya64, on 10/12/2007, -0/+1I use a similar program, I receive absolutely no spam.
- henryaj, on 10/12/2007, -0/+1@felchdonkey
One has to ask where the inspiration for your username came from. - felchdonkey, on 10/12/2007, -0/+1Has anyone found a filter in either Outlook or Apple Mail that can ditch all messages which contain images only? I have a pretty sizable number of spam emails that I can tell come from the same place, and the one thing they always have in common is that they are purely images - no text.
Apparently there's not enough of a pattern in the header info, etc., to classify it, because training Apple Mail with the junk button just isn't working on these. I don't even need a fancy OCR solution - I just need to automatically trash any email that doesn't contain any text. - JamesWilson, on 10/12/2007, -0/+1Look don't take my word for it, watch their 5 star episode on google video:
http://video.google.com/videoplay?docid=-2165132838065157556 - gorndog, on 10/12/2007, -0/+0http://tinyurl.com/gw254
Are There Actual Solutions To Spam?
DKIM: Public Key Cryptography:
The best solution to date appears to be Yahoo! and Cisco's DKIM offering. DKIM's advance in authentication comes from the use of public key cryptography. In operation, authorized senders store a public key in the DNS. These senders then sign each outgoing message, including the header portions, with their private key and store a digital signature as an "X-Header" in the message. Recipients can then use the public key from the DNS to check if the sender of the message is one of those authorized to do so.DKIM has widespread respect in the e-mail standards community. In fact the Internet Engineering Task Force (IETF) has chartered a DKIM Working Group to formalize an open standard.
Even if an SMTP authentication method was firmly in place and widely adopted, it wouldn't inherently stop abuse.
The authentication scenario envisions the assistance of reputation and accreditation services to determine whether authenticated senders are trustworthy. - deanshultz, on 10/12/2007, -0/+0A little irony, I suppose. This article is about unwanted images. I was a bit nonplussed when visiting this article when an LG flash based ad not only gets in the way of the story, but follows as you try to scroll away from it....
- pwestbro, on 10/12/2007, -0/+0FuzzyOCR has worked for me as well. I don't get any more of the image spams.
- abouthere, on 10/12/2007, -2/+2If your spam filter is only set to search the text to make a decision then you're using a poor product. Your spam filter should be able to check for invalid MX records, invalid addresses and a variety of other spamming methods.
I personally use a spam and virus filtering service provided by Citrus Mail (http://www.citrusmail.com/). Only 17% of all e-mail sent to me gets sent on
Spam is a real problem and until people take proper measures to protect their PCs from become zombies, it'll continue to grow. - BorisJohnson, on 10/12/2007, -1/+1As an IT manager, I have recently deployed Exchange Server 2003. Microsoft offers a downloadable add-in for this called "Intelligent Message Filtering" which is actually pretty hot at sifting out spam. We also have an ASP based web interface so employees can access a browser-based message store on the intranet full of the days spam should they wish to check for false positives. ISP's and mail providers are slowly adopting this technology too.
One of the few Microsoft products you will hear me recommend! - inactive, on 10/12/2007, -0/+0They don't work at all if your program sucks as much as Eudora. Keyword filters on E-mail body text don't work at all in this moronic app, because Eudora runs the filters BEFORE decoding HTML. So all the spammers do is insert random fake tags in the middle of any offensive word: Via[bleh]gra[/]
Nice job ignoring this year after year, Qualcomm. - kevyn, on 10/12/2007, -2/+1i have found norton premium anti spam filter really good, it cut down a lot of spam for only a small price.
although the odd image spam still slips through...dammit. - ctpm, on 10/12/2007, -3/+0Try DSPAM. After some training it filters image spam pretty well. No need for OCR. I've been using DSPAM for the past 2 years with great results.
- chris9902, on 10/12/2007, -6/+3anything intresting?
- adriand, on 10/12/2007, -3/+0@blapierre and others,
I think soupicou meant that Soviet Russia mails YOU (your person) not TO YOU... at least, that's what sounded funny to me... and if so, geez, are people really that "dumbass" for not understanding a phrase that has multiple meanings? or are you the dumbass for only reading one of them -
Show 51 - 57 of 57 discussions
© Digg Inc. 2009
— Content created and posted by Digg users is 